Senior Security Engineer

 Where we work

Udemy is a global company headquartered in San Francisco, with additional U.S. offices in Denver and Austin, and international hubs in Australia, India, Ireland, Mexico, and Türkiye. This is an in-office position, requiring three days a week in the office (Tuesday, Wednesday, Thursday) and flexibility on Mondays and Fridays.

About your skills

• High Performance: You should have the ability to take on tasks and complete them to a high standard, As a Senior Security Engineer you will help shape the standard and pace for the rest of the team

• Technical Expertise: Your ability to understand, operate and learn current and new technologies is a vital part of your role in order to continuously improve our operational output

• Team Player: Being a Team Player is core to how we operate, Understanding the importance of teamwork is one of the driving factors to our team’s success.

• Communication: Working in a global team means that open communication is essential to moving forward as a function and as a team.
   

About You

We seek a skilled and enthusiastic Senior Security Engineer to join the Security Operations team to enhance the organization’s security posture. You will play a hands-on role in maintaining and improving the security on the platform, business systems, data and infrastructure. Conducting risk assessments and implementing security measures to reduce vulnerabilities, you thrive in a fast-paced environment and excel at solving complex security challenges.  Ability to work independently and collaboratively with the Global Customer Operations, IT and Engineering and more

About this role

• Increase visibility of the security presence across multi-layer audiences and operate with teams across multiple departments.

• Aligning security standards across our product development and systems by utilizing industry best practices and fostering a security culture throughout the organization
   

What you’ll be doing

• Investigate, analyze, and respond to security events and incidents, ensure timely remediation, conduct forensics analysis and clear documentation. 

• Participate in on-call rotation and BugBounty programmes to strengthen the business's security posture.

• Working with vendors and internal tooling for continuous improvement

• Collaborating with cross functional teams across all vulnerability assessments

• Utilize AI to improve product security and hygiene. 

• Familiar with the leading industry regulations and frameworks (e.g., GDPR, SOC2 , ISO-27001) to ensure we continuously meet compliance requirements across all domains in our function.
   

What you’ll have

• 4+ years of industry experience in Information Security, specifically
  Incident Response, Threat Intelligence and Vulnerability Management, DLP and Phishing

• Proficient in security technologies such as SIEM/SOAR, EDR, IDS/IPS

• Hands-on experience with AWS Infrastructure,Terraform Automation and GitHub

• Excellent verbal and written communication skills

• Strong knowledge of security concepts for threat hunting, analysis, anomaly detection rules, risk-based threats and vulnerability analysis

• Knowledge of modern authentication mechanisms (MFA, SSO, OAuth, Passwordless)