Software Engineer - Security (Toronto)

Job Description

Summary

Yelp is looking for security engineers to keep us safe and sane as we build out our desktop, mobile, business owner, and administrative websites. It's an opportunity to have tremendous impact and broad scope protecting Yelp's data, our employees, and our millions of users. Additionally, Yelp’s future growth in the transactions space has many security implications, both in traditional application security as well as in privacy controls and fraud and risk analysis.
As a Software Engineer in Security, you will be responsible for partnering with different engineering teams at Yelp to help build features, tools, and libraries to enable security by default. You’ll also work to identify and fix vulnerabilities in the products we build, as well as work with external security researchers through our public bug bounty program.

Where You Come In

• Develop and deploy authentication and security related components of Yelp’s website and mobile apps.
• Develop libraries used across multiple Yelp apps for secure communication and data storage.
• Pair with mobile, frontend, and backend teams to architect and develop features in a secure, and scalable manner.
• Validate and remediate vulnerabilities reported in our bug bounty.

What It Takes to Succeed

• While previous application security experience is a plus, we are looking for strong software generalists first, with an interest in application security.
• Understanding of HTML5, current, and emerging browser security models.
• 3-5 years of software engineering experience.
• BS or MS in Computer Science or Engineering.
• Experience with languages like: Python, Java, Javascript, Puppet, Objective-C, or Swift.

Pluses

• Experience with AWS and SoA.
• Experience with securing iOS and Android applications.
• Security research or pen testing experience.