Staff Security Engineer
Job Overview:
Coursera is an engineering-first company. Our teams are responsible for maintaining a scalable and reliable platform, in addition to building interactive products for the worldwide learner community. We are made up of teams ranging from Development Infrastructure, Growth, Learner/Consumer Experience, Content Platform, and SDET Engineering. Every day, Engineering teams collaborate with cross-functional partners, including other engineers, data scientists, and product managers.
Responsibilities:
Implement and manage the Information Security Program including security incident response, vulnerability management, data protection, and risk management
Plan and execute vulnerability assessments of our products and services associated with cloud infrastructure.
Lead Cybersecurity Incident Response Team (CIRT): triage, respond to and investigate security incidents affecting platform and services
Lead regulatory readiness assessments and development of appropriate compliance strategies (SOX, SOC2, FERPA, ISO27001, NIST, etc.)
Document and maintain security policies, standards, guidelines, processes and procedures, and other related documents, as requested, and represent the Security Team during internal and external audits
Working with Sales, lead the response to customer questionnaires dealing with our security and data protection policies. Review Information Security and privacy-related requirements in contracts and provide input to the Legal Team
Perform technical security assessments, architecture and design reviews of Coursera’s products, applications, services and cloud infrastructure
Provide security expertise and guidance to all Coursera engineering and business teams
Develop technical solutions to help mitigate security vulnerabilities
Establish and coordinate remediation and mitigation for identified security risks
Ensure technical security controls are in place, maintained and audited on a periodic basis
Basic Qualifications:
10+ years of working experience in an Information Security and Compliance role
Have solid knowledge of ISO 27001, NIST and other information security standards and have practical experience implementing these standards
Solid foundation and good technical knowledge of security engineering, computer and network security, authentication, security protocols and cryptography
5+ years of experience in security architecture and technical security designs for cloud systems infrastructure and corporate networks and systems
5+ years of experience with vulnerability assessments and penetration testing
5+ years of experience with AWS foundation services related to computing, networking, storage, content delivery, administration and security, deployment and management, instrumentation and automation technologies.
Preferred Qualifications:
Certifications such as CISSP, CISA, CISM, CCSP, AWS Architect or Certified Security are a plus
Compensation
US Zone 1: $160,000 to $230,000 USD
US Zone 2: $135,000 to $205,000 USD
US Zone 3: $125,000 to $195,000 USD
The range(s) listed above is the expected annual base salary for this role, subject to change.
Salary is just one component of Coursera’s total rewards package. All regular employees are also eligible for a bonus program and equity in the form of RSUs.
A number of factors are taken into account when determining pay, including job level, location, training/education, business need, skill set and internal equity.
Current Zone Locations:
Zone 1 - San Francisco Metro, New York City Metro or Seattle Metro
Zone 2 - CA (outside of SF Bay Area), CO, CT, DC, GA, IL, MA, MD, NY/NJ (other than NYC), OR, RI, TX, VA, WA (other than Seattle)
Zone 3 - all other US locations