Back to all jobs

Security Engineer


Jun 16

GitHub is looking for a Infrastructure Security Engineer to join our growing team. We are a hybrid of traditional infrastructure engineers, site reliability engineers and security engineers, working together to create systems and tools that enable our fellow engineers to securely operate and scale the world's largest code hosting platform. As a member of this team, you will develop, implement, and maintain organization-wide capabilities such as secrets management, identity and access management, gateway access, secure provisioning, and more. You'll always be challenged to solve interesting and novel problems that have real impact on how the world builds software.

This role does not require an extensive security background or education level, provided you're eager to learn and passionate about security. This would be an excellent fit for someone currently working as a site reliability engineer or similar who wants to translate their skills to the security domain. This would also be a good fit for an experienced security professional looking to get hands on with security infrastructure and operations. The team's responsibilities vary in complexity, and we are hiring all skill levels, so there is an opportunity here for learning and growth if transferring from another branch of engineering outside of the traditional cybersecurity domains.

GitHub is globally distributed, so you must thrive in an environment of remote work and asynchronous communication. You will be expected to have strong written and oral communication skills and be able to develop effective relationships with coworkers in locations around the globe.

Nothing in life is perfect including this job description. You may be an excellent fit even if you don’t meet all of the qualifications. We look forward to meeting you and hearing about your unique skills and experiences!

Responsibilities: (This role will only be assigned to a subset of these focus areas. For more complex tasks/project, you will be paired with senior engineers on the team)

  • Develop, implement and/or operate and maintain infrastructure security services.
  • Automate tasks by consuming and building APIs and developing self-service tools and frameworks.
  • Utilizing existing documentation, source code and logs to understand complex interactions between systems.
  • Advise teams across the organization (infrastructure, application engineering, data analytics, etc.) to ensure the security, availability and resilience of our infrastructure.
  • Improve metrics and monitoring to ensure the reliability of our security infrastructure.
  • Emergency escalation support for security incidents and system outages.
  • Improve risk scoring, audit and compliance practices that will scale as the company grows.
  • Assist GitHub employees with the operation and use of our security infrastructure.
  • Cultivate the open source projects developed by GitHub and build things you are proud to share.

Preferred Qualifications: (Not all are required, we encourage you to apply if you excel in even a few of these areas)

  • Experience and/or expertise with the GNU/Linux operating system and shell scripting.
  • Experience and/or expertise in at least one high level language such as Ruby, Python, Golang, etc.
  • Experience and/or expertise with Amazon Web Services, Microsoft Azure or a similar cloud provider.
    Familiarity with configuration/orchestration management software such as Puppet, Chef, Ansible, Salt or Terraform.
  • Familiarity with git and/or GitHub is a plus.
  • Ability to diagnose and fix security, performance and reliability problems.
  • Pragmatic and collaborative approach to decision making and system design.

Preferred Experience

  • Experience building highly available and secure systems at scale.
  • Experience with Kubernetes and Docker.
  • Proficiency in Ruby and/or Puppet.
  • Experience with the Hashicorp stack, specifically Vault.
  • Experience with infrastructure services such as LDAP, SSH, VPN, HTTP proxies, etc.
  • Experience with a SAML provider.
  • Experience working with or developing against SaaS APIs.
  • Contributions to open source.

Minimum salary of $168,400 to maximum $276,900 + bonus + equity + benefits.
· Note: Disclosure as required by sb19-085 (8-5-20) of the minimum salary compensation for this role when being hired in Colorado. 

Who We Are:

GitHub is the developer company. We make it easier for developers to be developers: to work together, to solve challenging problems, and to create the world’s most important technologies. We foster a collaborative community that can come together—as individuals and in teams—to create the future of software and make a difference in the world.

Leadership Principles:

Customer Obsessed - Trust by Default - Ship to Learn - Own the Outcome - Growth Mindset - Global Product, Global Team - Anything is Possible - Practice Kindness

Why You Should Join:

At GitHub, we constantly strive to create an environment that allows our employees (Hubbers) to do the best work of their lives. We've designed one of the coolest workspaces in San Francisco (HQ), where many Hubbers work, snack, and create daily. The rest of our Hubbers work remotely around the globe. Check out an updated list of where we can hire here:

We are also committed to keeping Hubbers healthy, motivated, focused and creative. We've designed our top-notch benefits program with these goals in mind. In a nutshell, we've built a place where we truly love working, we think you will too.

GitHub is made up of people from a wide variety of backgrounds and lifestyles. We embrace diversity and invite applications from people of all walks of life. We don't discriminate against employees or applicants based on gender identity or expression, sexual orientation, race, religion, age, national origin, citizenship, disability, pregnancy status, veteran status, or any other differences. Also, if you have a disability, please let us know if there's any way we can make the interview process better for you; we're happy to accommodate!

Please note that benefits vary by country. If you have any questions, please don't hesitate to ask your Talent Partner.