About Udemy

Udemy is the world’s largest education platform with more than 30 million monthly visitors.  Through our Consumer and Enterprise businesses, Udemy creates new possibilities for people and organizations everywhere by connecting them to the knowledge and skills they need to succeed in a changing world. 

The Udemy consumer marketplace offers thousands of up-to-date courses in dozens of languages and provides the tools learners and instructors need to achieve their goals and reach their full potential. 

For companies, Udemy Business (UB) offers an employee training and development platform with subscription access to thousands of courses, learning analytics, as well as the ability to host and distribute their own content. Our enterprise platform is among the fastest growing SaaS businesses in the world.  UB has more than 10,000 customers and serves the majority of the Fortune 100. 

We are proud to be recognized for our world class employee experience:

Business Insider SF: Best Places to Work Bay Area

Built In Colorado: Best Places to Work

Best Workplaces (Great Place to Work List): #1 in Turkey

Certified Best Place to Work:  Dublin

Fortune: Change the World Company

Udemy is headquartered in San Francisco with hubs in Ankara, Turkey; Austin, Texas; Boston, Massachusetts; Mountain View, California; Denver, Colorado; Dublin, Ireland; Melbourne, Australia; New Delhi, India; and Sao Paulo, Brazil.

Information regarding data privacy is available within the Udemy Careers Privacy Notice.

About The Role:

The Information Security team is looking for an experienced Security Engineer to assist with the execution and continued development of the Information security program.  

The Security Engineer will be responsible for supporting Security Operations in our Production and Corporate infrastructure and reports to the Director of Information Security. The candidate will provide support to detect, respond, mitigate, and report cyber threats and attacks. You will also monitor threat and vulnerability monitoring sources to understand current risk and recommend response and mitigation strategies.  

The candidate will work cross-functionally and will support personnel on technical and non-technical security risks and detected activity. 

Primary Responsibilities:

• Perform security event analysis, prioritize response, and lead internal teams during security incidents.
• Integrate security tools and configurations using automation solutions and code.
• SIEM monitoring and analysis of system, application, and user exploitation attempts.
• Collecting, analyzing, and interpreting forensics evidence, supporting legal and compliance requirements.
• Respond to compliance requests by collecting, analyzing, and interpreting audit evidence.
• Provide vulnerability remediation guidance for timely mitigation of application and system weaknesses.
• Support Software engineering build and continuous integration/continuous delivery (CI/CD) for web and mobile applications.
• Perform technical security reviews for new product, vendor, & technology implementations.

Qualifications:

• 3-5 years experience working in a Security Operations Centre or similar hands-on role.
• Experience in regulated environments subject to PCI-DSS, SOC 2, Sarbanes-Oxley, or Privacy regulations.
• Experience with the following: Patch management tools, Single Sign-on (SSO), Security Information and Event Management (SIEM), Anti-Virus (AV), Firewall Policies, SDLC concepts, and Vulnerability Assessment tools.
• Knowledge of network and security concepts and protocols (Zero-Trust, DNS, SMTP, SFTP, SSH, etc.)
• Experience working with Cloud Service Provider platforms such as AWS and the tools used to manage day-to-day activities.
• Possess the ability to contribute application code to automate security operations tasks.

Preferred:

• College Degree and ISC2, ISACA, GIAC, or other relevant industry certifications, or equivalent work experience
• Operational Security experience in a Software-As-A-Service organization