Application Security Engineer - Yammer
Microsoft
San Jose, San José, Costa Rica
hace 6 días

What is Yammer?

Microsoft Yammer is the industry-defining social network for the enterprise. Millions of employees, including 85% of Fortune 500 companies use Yammer every day, to build community and culture, share knowledge, and connect with their leaders and each other.

Why Yammer?

Yammer was one of the first startup unicorns this past decade and was acquired by Microsoft in 2012. Today, this means we get the benefits of a startup - rapid innovation, cutting-edge technology, outsized individual impact - with the advantages of working for one of the most successful software companies in the world.

We work together in small, cross-functional teams - engineers, product managers, designers, data scientists - to design, deliver and operate delightful end user experiences to our tens of millions of users spread across the world.

We’ve always been mission-driven;In this post-Covid world, Yammer has become even more indispensable than ever as employees have a deep need for connection and a sense of belonging.

We’ve been growing rapidlyand need your help to take Yammer to the next level.

You will have :

  • Autonomy and freedom to innovate
  • Choice of the best of open source and Microsoft-internal technology
  • The ability to experiment, A / B test, and make data-driven decisions
  • Tons of opportunity for outsized impact as part of asmall but mighty team on a rapidly-growingproduct needed now more than ever
  • At the same time, youalso have the benefits of working at a top-tier tech company like Microsoft :

  • Compensation, benefits, and perks
  • Internal resources, technology, and opportunities for learning and growth
  • Brand and networking
  • Opportunity for massive scale as part of a suite with hundreds of millions of users
  • About this job

    The Yammer Security team is responsible for securing one of the top Social Enterprise Networks in the world. Our Mission is to build trust with both external and internal customers.

    We accomplish this by listening to the needs of our customers and creating solutions that are not just secure but usable.

    As an engineer on the team, you will be responsible for securing new Yammer features which include integration features with other products in the O365 suite.

    There will also be opportunities to work in other areas as such as Compliance, Infra Security and Privacy.

    Our stack :

  • Linux on Azure
  • Java and Ruby micro services, deployed as docker containers
  • Graph QL, DropWizard, Rails REST APIs
  • Postgres / CosmosDB / Kafka / RabbitMQ / Redis storage and queuing
  • Mesos container orchestration, HAProxy-based service mesh
  • Wavefront metrics, Azure Data Explorer log aggregation, PagerDuty alerting
  • Responsibilities

  • Triage security vulnerabilities
  • Threat modeling new product features
  • Security assessments of web and mobile clients
  • Perform security codereviews
  • Implementing defense in depth mechanisms to prevent securityvulnerabilities
  • Contribute to our on-callrotation
  • Basic Qualifications

  • BS in Computer Science or equivalent work experience
  • 3+ Years of experience in security
  • Knowledge of OWASP Top 10
  • Java or Ruby, Graph QL, REST, proficiency
  • Preferred Qualifications / Attributes

  • Experience threat modeling new features
  • Efficient with Web Proxies such as BURP or Fiddler
  • Great communication skills
  • Understanding of Oauth and JWT implementations.
  • Reportar esta oferta
    checkmark

    Thank you for reporting this job!

    Your feedback will help us improve the quality of our services.

    Inscribirse
    Mi Correo Electrónico
    Al hacer clic en la opción "Continuar", doy mi consentimiento para que neuvoo procese mis datos de conformidad con lo establecido en su Política de privacidad . Puedo darme de baja o retirar mi autorización en cualquier momento.
    Continuar
    Formulario de postulación