Senior Security Engineer, IAM
- Full-time
Company Description
Who We Are:
Twitter is what’s happening and what people are talking about right now. For us, life's not about a job, it's about purpose. We believe real change starts with conversation. Here, your voice matters. Come as you are and together we'll do what's right (not what's easy) to serve the public conversation.
Job Description
You will be responsible for helping drive Twitter’s Identity and Access Management (IAM) strategy and the security of our IAM systems. You will help identify and manage risks and work with partner teams to develop solutions to reduce and control them. You will design, advocate, and help build secure-by-default infrastructure that closes off entire classes of security problems.
As a senior security engineer, you will:
Mentor and help develop other members of the team.
Model and identify potential risks in designs, configuration, code, or deployed systems along with designing and implementing mitigation options.
Identify the trade-offs necessary between security, usability, and engineering velocity.
Drive infrastructure directions and solutions in collaboration with other teams.
Use data to drive the identification of risk areas and solutions.
Analyze the security of systems via testing.
Qualifications
You care about security and building a secure environment for the people using Twitter every day. You are curious and have experience with the tools of the trade, comfortable digging into the details, and eager to help others protect our systems. Ideally, you have many (but need not have all) of the following:
Undergraduate degree or equivalent (engineering, social sciences, arts, etc. are all fine)
2 or more years of relevant experience (other jobs, grad school, etc) in information security including topics such as access control, vulnerability management, threat modeling, or security research.
3 or more years of relevant experience working on IAM topics such as access control, identity management, and authentication & authorization technologies.
Experience working with LDAP, ideally in non-AD deployments.
Experience working with IDM systems such as Sailpoint, Tivoli Identity Manager, Ping Identity, etc.
Experience working with RBAC, just-in-time access, and related authorization strategies.
Experience working with SSO systems such as Okta, and federated authentication technologies such as OIDC, SAML, Shibboleth, etc.
Experience with Kerberos, OAuth, certificate-based identity, and other authentication systems.
Experience with MFA systems including WebAuthn/FIDO
Knowledge of at least one of: Go, Python, Bash, or Java.
Additional Information
Additional Information: A few other things we value:
Challenge - We solve some of the industry’s hardest problems. Come to be challenged, learn, and thrive as an engineer.
Diversity - Diversity makes us a better organization and team. We value diverse backgrounds, ideas, and experiences.
Work, Life, Balance - We work hard, but we believe with hard work should come balance.
We are committed to an inclusive and diverse Twitter. Twitter is an equal opportunity employer. We do not discriminate based on race, ethnicity, color, ancestry, national origin, religion, sex, sexual orientation, gender identity, age, disability, veteran, genetic information, marital status or any other legally protected status.
San Francisco applicants: Pursuant to the San Francisco Fair Chance Ordinance, we will consider for employment qualified applicants with arrest and conviction records