At Lyft, our mission is to improve peoples lives with the worlds best transportation. To do this, we start with our own community by creating an open, inclusive, & diverse organization.
Lyft connects people to transportation to change the way we live & get around our communities. Lyfts engineering team is growing rapidly, & we are looking for Technical Program Managers to help us scale. Come be part of a new team at Lyft focused on enabling & empowering engineering teams to deliver at scale.
Our drivers & passengers entrust Lyft with their personal information & travel details to get where they're going & expect us to keep that data safe. Lyft's security team leads efforts across the company to ensure our systems are secure & worthy of our users' trust.
The security team designs & builds Lyft's security architecture, consult with other teams as they build & launch new products & features, proactively plans for the unexpected, & responds to incidents that occur. Our work affects the entire company & takes place at all levels of the stack, from infrastructure to web application security, as well as mobile apps, IT, & autonomous vehicles. We try to approach security from a software engineering standpoint. We believe in scaling security through automation & tooling & we ship frequently. Check out our blog posts at https://eng.lyft.com/tagged/security to learn more about some of the things weve built.
The Detection Team will work within Security to assist Lyft in making automated & informed decisions. We work to provide meaningful & timely alerting of high risk activity across the Lyft estate in an automated, verifiable & measurable way. This involves engineering solutions to improve our capability & coverage, as well as working with teams across Lyft to improve our security posture.
Responsibilities:
- Build tools & services that improve the security of our systems with an eye towards scalability & avoiding unnecessary friction
- Evangelize our shared security responsibility model by working with other teams to ensure that all critical systems & workflows are secure by default
- Work on embedding security best practices such as least privilege, isolation, monitoring, authentication & authorization across our infrastructure
- Develop runbooks for IT & security teams to handle incidents & help scale incident response activities within the team & across the company
- Investigate & handle alerts, reports of unusual behavior, & security incidents
- Provide security guidance on a constant stream of features & products
Experience:
- Solid experience with a high level programming language (bonus points for experience with Python & shell scripts)
- Experience with (or a deep interest in) computer security, ideally in both attacking & defending web applications
- When facing a problem that's poorly defined or outside of your expertise, you can quickly learn what you need to dig in, make sense of the problem, & start working towards a solution
- You're a great communicator, & can advocate for your proposals while also empathizing with your teammates' goals & priorities
- You understand that security work must be prioritized because all teams have finite resources. You have good judgment & a sense of when to compromise & when to hold your ground
- Experience with Amazon Web Services (AWS) or any other major cloud service provider
- Running multi-tier or distributed web applications at scale
- Computer network security or major computer networking protocols (e.g. TCP/IP, HTTP, TLS, DNS)
- OS & container security & running fleets of endpoints or servers in the cloud
- Reverse engineering, malware analysis, or digital forensics
- Data classification or data privacy protection
- Cryptography, PKI, or key distribution
Benefits:
- Great medical, dental, & vision insurance options
- In addition to 11 observed holidays, salaried team members have unlimited paid time off, hourly team members have 15 days paid time off
- 401(k) plan to help save for your future
- 18 weeks of paid parental leave. Biological, adoptive, & foster parents are all eligible
- Monthly commuter subsidy to cover your transit to work
- 20% off all Lyft rides
Lyft is an Equal Employment Opportunity employer that proudly pursues & hires a diverse workforce. Lyft does not make hiring or employment decisions on the basis of race, color, religion or religious belief, ethnic or national origin, nationality, sex, gender, gender-identity, sexual orientation, disability, age, military or veteran status, or any other basis protected by applicable local, state, or federal laws or prohibited by Company policy. Lyft also strives for a healthy & safe workplace & strictly prohibits harassment of any kind. Pursuant to the San Francisco Fair Chance Ordinance & other similar state laws & local ordinances, & its internal policy, Lyft will also consider for employment qualified applicants with arrest & conviction records.