Software Engineer, Security
Who We Are
The Information Security (InfoSec) organization plays a key role within the trust and security program at Twitter. The Application Security (AppSec) team is composed of software engineers with a primary focus on application security working to ensure Twitter builds and maintains secure software for hundreds of millions of users. This team is tasked with solving classes of security problems through engineering solutions and focuses on software security for the full stack. In addition, we integrate tooling, authoritative reviews, and developer training throughout the SDLC to ensure security is prioritized at each step of development to identify potential vulnerabilities. The AppSec team is a part of the Information Security Program and reports to the Chief Information Security Officer within the engineering organization of Twitter.
What You'll Do
As a Software Engineer in Security, you will:
Build software libraries and frameworks to provide secure defaults, along with tools to detect security problems during development and in production. In this role, you will work on security platform and engineering projects enhancing the public facing and internal applications at Twitter.
Provide security expertise in consultant fashion to the rest of the company so that code produced at Twitter is developed securely. You’ll become an authority in the Twitter software stack to understand points of weakness and opportunities for application security focused solutions.
Respond to security vulnerabilities, serve as an advocate for security within development teams.
Who You Are
Experience in applications security or systems security
Good understanding to reliably identify security issues such as SQLi, XSS, CSRF, and business logic flaws across large code bases
Knowledge of browser security controls (CSP, XFO, HSTS, etc), web application security topics such as OWASP Top 10, and authentication infrastructure (SAML, OAUTH)
Recognize the importance of building security solutions that scale and move at the pace of business.
Familiarity with Agile processes and JIRA
Any Mobile (iOS and Android) security experience is a big plus.
Bachelor’s or advanced Degree in Computer Science or closely related field
2+ years of experience in software development using any one of the object-oriented programming languages such as Java, Python or Scala
Proficiency with object-oriented design, data structures, and algorithms
Strong debugging, troubleshooting, and problem-solving skills
Strong and effective communication skills.
We are committed to an inclusive and diverse Twitter. Twitter is an equal opportunity employer. We do not discriminate based on race, ethnicity, color, ancestry, national origin, religion, sex, sexual orientation, gender identity, age, disability, veteran status, genetic information, marital status or any other legally protected status.
San Francisco applicants: Pursuant to the San Francisco Fair Chance Ordinance, we will consider for employment qualified applicants with arrest and conviction records.
Engineering Hiring Process
Once your application is received, a recruiter will reach out pending your qualifications are a match for the role.
If your background is a match, you may have 1-2 technical phone interviews or be given the chance to provide a work sample depending on the role.
If the phone interviews go well or your work sample is strong, the final step includes interviews with 5-6 people held onsite in our office.
Twitter Recruiting: All the deets about who we're hiring, what we're doing and why you should come and work here! #lovewhereyouwork
We're your one stop shop for anything University related. That means campus outreach, student advice/tips, & of course, our University Recruiting efforts!