Senior Software Engineer, Sec Ops at Slack
Remote › 🇺🇸 100% remote position (in the US) (Posted Mar 11 2022)
About the company
Slack enables people around the world to communicate and collaborate together, from the world’s largest public companies to the smallest of startups. We take performance and reliability very seriously. A taste of our scale:
• During the week, our users spend over a billion minutes a day active in our product.
• At peak usage, a million messages a minute passed through Slack.
• Every day we see over 15 million simultaneously connected users
• For millions of people, Slack is their primary communication tool for work and more and they expect it to be exceptionally reliable and fast year-round.
Our Security team supports the unwritten fourth tenet of Slack’s mission: make people’s working lives more secure. We’re serious about protecting our infrastructure, operations, and most importantly, our customers’ data. We take a systemic approach to security and strive to ensure that we provide low friction high-impact security across everything we do. We’re looking for a software engineer to help lead our Security Engineering team. Significant in-field experience is not a hard requirement but a curiosity about security and a deep desire to learn is paramount.
A significant part of this job is meant to attract a multidisciplinary engineer; you probably feel skeptical of any job posting with the word “DevOps” in it, but that (or even SecDevOps) is what you do. While we don’t necessarily harden systems, we would ask for your help in evaluating tooling pragmatically—particularly when the right time is to spend some money or when months of development would be advantageous.
This role is to work directly on the team which developed the novel alerting mechanism go-audit which turns out to be quite an interesting scaling problem. This team also is responsible for the production, development and ongoing extensions to the Nebula overlay network. We have solved some interesting problems by writing code and running the systems which our software runs upon.
Slack has a positive, diverse, and supportive culture—we look for people who are curious, inventive, and work to be a little better every single day. In our work together we aim to be smart, humble, hardworking and, above all, collaborative. If this sounds like a good fit for you, why not say hello?
What you will be doing
Develop novel software that helps Slack be more secure
Write some go: Creatively scale and operate the infrastructure and tools that handle millions of events per second, as well as participate in an on-call rotation to support these tools
Identify and develop new features and a roadmap to augment existing tools to protect Slack’s production infrastructure and to help make our business lives simpler, more pleasant, more productive (and more secure)
Get excited about some “ops” things - terraform, ansible, ubuntu are all keywords for our daily work.
What you should have
Curiosity and creativity. We’re looking for individuals to join the team who very much want to know why something happened in addition to just that it happened. We have a lot of ideas, but are hopeful that your perspective will push us all forward together to deeper understanding.
Proficiency both in a practical systems programming language and the shell of your choice. We write Go and Shell, but are interested to see where you shine.(Java, Scala, Rust or other modern languages should be suitable as well)
This is a role afforded the latitude to define workstreams, and entrusted to approach engineering problems as an art form. You want to empower your coworkers with the easy maintainability of code you’ve collaborated on, and you take pride in the craftsmanship of your efforts.
Motivation to solve problems, not to patch over quick fixes. This is at the root of our goal to be on-call for our own services. Being on-call shouldn’t be a burden to team members. If it ever is, fixing it is our highest priority.
We seek a candidate eager to collaborate across the company as we further our approachable and inclusive team ethos. As a software development team first, we are actively aligned and working with the rest of engineering.
Broad exposure to various security disciplines and deeper understanding of models and principles behind core security concepts such as MFA and securely managing secrets or tokens.
At this level, 3-6 years of proven ability is a typical guidepost, but in no way a requirement.
Golang—we’ve written wide-reaching tools in Golang, but we aren’t wedded to it.
Ansible—it’s not that bad, and helps us move quickly, but any configuration management tool is applicable.
Elasticsearch / Kibana—you can readily access information and love metrics.
Please mention that you found the job at Golangprojects.com