Information Security Engineer (Remote)

We’re looking for an Information Security (InfoSec) Engineer to join Yelp’s globally expanding Security team to help keep our infrastructure, network, endpoints, and applications safe.   

Are you someone who’s passionate about the challenging area of enterprise security? Do you thrive in an environment that bridges technical and business requirements to meet security needs? As an InfoSec Engineer, you’ll work on improving our security posture and capabilities. Together with our awesome security engineers, you’ll partner with technology and business leads to understand their objectives, identify threats, and efficiently secure enterprise systems at scale. You’ll also partner with internal stakeholders to help architect Yelp’s future risk management, security education, and network security systems.

Where You Come In:

• Work closely with teams across the organization (particularly IT, Tech Sourcing, and Legal) to implement proactive security measures
• Implement technical controls to reduce risk in the corporate environment
• Identify vulnerabilities through assessments, working with internal partners to remediate Yelp’s environment
• Set policies and best security practices for IT and other internal organization and third-party integrations
• Help perform threat modeling across business applications and infrastructure integrations
• Work with others on endpoint security, ensuring the machines in use are secure, without being overly intrusive
• Conduct routine phishing and Information Security campaigns to increase users’ awareness of social engineering attacks and provide periodic reporting on such 
• Develop appropriate metrics (key risk and performance indicators) to measure the monitoring program and related process
• Research emerging security threats and propose additional components and techniques that could be used to proactively detect and prevent malicious activity

What It Takes to Succeed:

• Several years of professional experience in large enterprise environments or working to secure enterprise applications, risk management, or supply chain risk
• Ability to perform threat and vulnerability assessments and provide subject matter expertise on appropriate threat mitigation
• Experience improving threat detection using network or endpoint system capabilities
• BS or MS in Computer Science, Engineering, or a related technical discipline, or equivalent experience

What You'll Get:

• Full responsibility for projects from day one, an awesome team, and a dynamic work environment
• Competitive salary with equity in the company, a pension scheme, and an optional employee stock purchase program
• 25 days paid holiday initially (rising to 29 with service), plus one floating holiday
• Private health insurance, including dental and vision
• Flexible working hours and meeting-free Wednesdays
• Regular 3-day Hackathons and weekly learning groups, always with interesting topics
• Opportunities to participate in digital events and conferences
• £58 per month toward any wellness activity of your choice
• Quarterly team offsites