At Lyft, our mission is to improve peoples lives with the worlds best transportation. To do this, we start with our own community by creating an open, inclusive, & diverse organization.
Lyft Security designs & builds Lyft's security architecture, consults with other teams as they build & launch new products & features, proactively plans for the unexpected, & responds to incidents that occur. Our work affects the entire company & takes place at all levels of the stack, from infrastructure to web application security, as well as mobile apps, IT, bikes, scooters, & autonomous vehicles. We try to approach security from a software engineering standpoint. We believe in scaling security through automation & tooling & we ship frequently. Check out our blog posts at https://eng.lyft.com/tagged/security to learn more about some of the things weve built.
The Application Security teams mission: Empower the company to ship secure products. Provide clear guidance on secure code & implement quality gates across our software delivery pipeline.
Were looking for the right person to drive our appsec team to perform service & application security review, & move us along our maturity journey.
As the Application Security Manager, you will use your technical experience to lead a team of software engineers & security engineers to challenge the status quo & help Lyft improve the security of our applications. In order to be scalable, each secure code quality gate must be automated & integrated into our software release pipeline. Our grand vision is a fully automated series of quality controls that constantly validate that our code is secure. We strongly believe in feedback loops, & that our team should focus in scaling their expertise.
You will lead a team that is inclusive, helpful, & has a strong sense of ownership for the things they help protect. The team looks to their manager for organizational transparency, career development, mentorship, & honest feedback.
- Lead a team of talented security engineers who like to secure applications & tackle hard security engineering problems
- Build a Vision where the team talent can be scaled, improve the quality of Lyft code in an automatic, self-serve way by creating feedback loops that help us learn from the past & the present, to improve our future
- Work across engineering to build relationships with other teams. Use their feedback & understand their goals to build & prioritize a roadmap for your org
- With the help of your team members, educate engineering on best practices for building security applications
- Create & evolve sustainable processes & tools for operations through automation, self-service & reducing complexity
- Mentor & guide the professional & technical development of your team members; help develop their careers & assign them to projects tailored to their skill levels, personalities, work styles, & professional goals
- Build teams that are collaborative, inclusive, & respectful of each other
- Provide continuous feedback, address underperformance, & recognize the individual strengths & contributions of your team members
- Create plans for prioritizing technical & resourcing challenges in your organization
- Instill a spirit of continuous improvement in the teams code, architecture, & processes
- Work closely with the Lyft recruiting team to hire high potential candidates from diverse backgrounds
- Past experience doing threat modelling, code review (Python, Go), penetration testing against cloud environments and/or mobile (iOS/Android)
- Computer networking concepts & protocols, application & network security methodologies
- Ability to communicate complex information, concepts, or ideas in a confident & well-organized manner through verbal, written, and/or visual means
- Ability to manage multiple tasks & priorities
- Ability to work independently with minimal supervision
- Experience with (or a deep interest in) computer security, ideally in both attacking & defending services
- Experience guiding teams through planning, prioritization, & execution of work
- Great medical, dental, & vision insurance options
- Mental health benefits
- In addition to 12 observed holidays, salaried team members have unlimited paid time off, hourly team members have 15 days paid time off
- 401(k) plan to help save for your future
- 18 weeks of paid parental leave. Biological, adoptive, & foster parents are all eligible
- Pre-tax commuter benefits
- Lyft Pink - Lyft team members get an exclusive opportunity to test new benefits of our Ridership Program
Lyft is an equal opportunity/affirmative action employer committed to an inclusive & diverse workplace. All qualified applicants will receive consideration for employment without regards to race, color, religion, sex, sexual orientation, gender identity, national origin, disability status, protected veteran status or any other basis prohibited by law. We also consider qualified applicants with criminal histories consistent with applicable federal, state & local law.