Edtech.com's Summary

Duolingo is hiring a Senior Security Engineer to enhance the security posture and infrastructure of its language learning platform used by millions of daily active users. The role involves designing scalable monitoring and response systems, collaborating with development teams on threat modeling, and ensuring compliance with regulatory obligations.

Highlights

Design and develop scalable security monitoring and response systems to mitigate risks.
Continuously assess and improve Duolingo's security posture and anticipate future threats.
Collaborate with development teams for threat modeling and risk mitigation guidance.
Implement open-source software dependency checks and deploy early alerting and automation systems.
Develop continuous verification and testing systems for security controls and key features.
Work with finance and IT partners to maintain regulatory compliance and improve offboarding security processes.
Experience with security scanning tools in CI/CD pipelines, Linux system administration, automation, and Python programming is required.
Bachelor’s degree in Computer Science or related field, with 2+ years on collaborative development teams and experience in product, application, or cloud security.
Exceptional candidates may have familiarity with containerization (Docker, rkt), AWS infrastructure security, Terraform, and security scanning tools like SemGrep, Nuclei, Trufflehog, and Checkov.
Salary range from $177,700 to $300,000 USD.

Senior Security Engineer Full Description

Our mission at Duolingo is to develop the best education in the world and make it universally available. It’s a big mission, and that’s where you come in!

At Duolingo, you’ll join a team that cares about finding innovative solutions to complex technical problems, running countless experiments (300+ at a time!) with our massive user base to make data-driven decisions, and educating our users and employees alike. You’ll have limitless learning opportunities, mentorship and collaboration with world-class minds, and a variety of projects with large scopes — while doing work that’s both fun and meaningful.

Join our life-changing mission to develop education for our half a billion (and growing!) learners around the world.

About the role

Join Duolingo as a Security Engineer and play a pivotal role in safeguarding our systems, employees, learner data, and services across our rapidly-growing language learning platform. With over 650 employees and 21 million daily active users, your expertise will be critical in maintaining the highest security standards, while continuously enhancing our infrastructure security and ensuring compliance.

You will...

Design and develop scalable monitoring and response systems for security alerts to proactively mitigate risks
Continuously evaluate Duolingo's security posture, anticipating future threats and devising appropriate countermeasures
Collaborate with development teams to conduct threat modeling, identify risks, and provide guidance on mitigations
Be a partner to our security champions, organizing and growing the program across Duolingo to ensure the efficient distribution of security knowledge
Implement dependency checks for open-source software within applications
Participate in regular product security tabletops with organizational partners
Work on deploying early alerting systems throughout our environment and the responsive automations that trigger when they alert
Develop a continuous verification and testing system for security controls and critical features
Work with our partners in finance to ensure we maintain compliance with our regulatory obligations
Collaborate with IT to improve the security of our offboarding processes by introducing automation and well documented procedures

You have...

Experience deploying, managing, and troubleshooting security scanning tools in the CI/CD pipeline
Familiarity with Linux system administration, automation, and Python programming
A desire to learn more about security and develop the foundational building blocks of the program
Strong collaboration, emotional intelligence, and communication skills
A Bachelor’s degree in Computer Science or related technical field
Proven experience developing and maintaining microservices
2+ years working on collaborative development teams
Experience in product, application, or cloud security
Willingness to work in both backend engineering and operational engineering dependent on the needs of the organization
Ability to relocate to New York, NY

Exceptional candidates will have...

Familiarity with containerization runtimes (Docker, rkt)
Experience securing a large infrastructure on AWS
Threat modeling experience across various architectures and understand how to align those with business goals
Demonstrable experience in designing and managing multi-account cloud environments
Experience communicating sophisticated technical requirements to audiences of variable technical sophistication
Experience working in Terraform, developing modules and creating secure by default configurations
Familiarity with security scanning tools such as SemGrep, Nuclei, Trufflehog, and Checkov

We post a multi-level salary range for all of our roles.

This is not inclusive of the rest of our awesome portfolio that includes equity compensation and world-class benefits. Our salary ranges are the same for all US locations. Your recruiter can share more details about the range for a specific level during the hiring process. The actual salary within the range is determined by many factors including but not limited to, skills, experience, education, and internal equity.

Salary Range:

$177,700—$300,000 USD

Take a peek at how we care for our employees' holistic well-being with our benefits here.

We will do everything we can within reason to make sure that your interview takes place in an environment that fairly and accurately assesses your skills. If you need assistance or accommodation, please contact accommodations@duolingo.com.

Duolingo is proud to be an Equal Employment Opportunity employer. We do not discriminate based upon race, religion, color, national origin, gender (including pregnancy, childbirth, or related medical conditions), sexual orientation, gender identity, gender expression, age, status as a protected veteran, status as an individual with a disability, or other applicable legally protected characteristics.

By applying for this position your data will be processed as per the Duolingo Applicant Privacy Notice.

Original Job Description

Our mission at Duolingo is to develop the best education in the world and make it universally available. It’s a big mission, and that’s where you come in!

Join our life-changing mission to develop education for our half a billion (and growing!) learners around the world.

About the role

You will...

Design and develop scalable monitoring and response systems for security alerts to proactively mitigate risks
Continuously evaluate Duolingo's security posture, anticipating future threats and devising appropriate countermeasures
Collaborate with development teams to conduct threat modeling, identify risks, and provide guidance on mitigations
Be a partner to our security champions, organizing and growing the program across Duolingo to ensure the efficient distribution of security knowledge
Implement dependency checks for open-source software within applications
Participate in regular product security tabletops with organizational partners
Work on deploying early alerting systems throughout our environment and the responsive automations that trigger when they alert
Develop a continuous verification and testing system for security controls and critical features
Work with our partners in finance to ensure we maintain compliance with our regulatory obligations
Collaborate with IT to improve the security of our offboarding processes by introducing automation and well documented procedures

You have...

Experience deploying, managing, and troubleshooting security scanning tools in the CI/CD pipeline
Familiarity with Linux system administration, automation, and Python programming
A desire to learn more about security and develop the foundational building blocks of the program
Strong collaboration, emotional intelligence, and communication skills
A Bachelor’s degree in Computer Science or related technical field
Proven experience developing and maintaining microservices
2+ years working on collaborative development teams
Experience in product, application, or cloud security
Willingness to work in both backend engineering and operational engineering dependent on the needs of the organization
Ability to relocate to New York, NY

Exceptional candidates will have...

Familiarity with containerization runtimes (Docker, rkt)
Experience securing a large infrastructure on AWS
Threat modeling experience across various architectures and understand how to align those with business goals
Demonstrable experience in designing and managing multi-account cloud environments
Experience communicating sophisticated technical requirements to audiences of variable technical sophistication
Experience working in Terraform, developing modules and creating secure by default configurations
Familiarity with security scanning tools such as SemGrep, Nuclei, Trufflehog, and Checkov

We post a multi-level salary range for all of our roles.

Salary Range:

$177,700—$300,000 USD

Take a peek at how we care for our employees' holistic well-being with our benefits here.

By applying for this position your data will be processed as per the Duolingo Applicant Privacy Notice.

Let me find your next job.

Thanks - you're signed up.

Senior Security Engineer

Edtech.com's Summary

Senior Security Engineer Full Description

Information Security Compliance Analyst III - 526822

Cloud Security Engineer

Chief Information Security & Privacy Officer - #002381

Platform Security Engineer

IST Analyst II (Linux Administration)