Software Developer/ Engineer/ Architect

Senior Staff Application Security Engineer

About Udemy

Udemy is the world’s largest education platform with more than 30 million monthly visitors. Through our Consumer and Enterprise businesses, Udemy creates new possibilities for people and organizations everywhere by connecting them to the knowledge and skills they need to succeed in a changing world. The Udemy consumer marketplace offers thousands of up-to-date courses in dozens of languages and provides the tools learners and instructors need to achieve their goals and reach their full potential. For companies, Udemy Business (UB) offers an employee training and development platform with subscription access to thousands of courses, learning analytics, as well as the ability to host and distribute their own content. Our enterprise platform is among the fastest growing SaaS businesses in the world. UB has more than 10,000 customers and serves the majority of the Fortune 100.

We are proud to be recognized for our world-class employee experience:

Business Insider SF: Best Places to Work Bay Area

Built In Colorado: Best Places to Work

Best Workplaces (Great Place to Work List): #1 in Turkey

Certified Best Place to Work: Dublin

Fortune: Change the World Company

Udemy is headquartered in San Francisco with hubs in Ankara, Turkey; Austin, Texas; Boston, Massachusetts; Mountain View, California; Denver, Colorado; Dublin, Ireland; Melbourne, Australia; New Delhi, India; and Sao Paulo, Brazil.

Information regarding data privacy is available within the Udemy Careers Privacy Notice.

Overview

As a developer on the Privacy team, you will be responsible for programs that implement the three A’s: Authentication, Authorization, and Accounting. This domain will include managing the privacy of user accounts on an enterprise scale, implementing all elements of GDPR and related programs, and managing service calls in a security-conscious environment. The projects will include greenfield project work on data locality, PII vaults, and zero-trust architectures.

Key Responsibilities

  • Design and implement new projects for PII vaults, integration with subprocessor APIs, and user-friendly reporting.  The work will primarily involve back-end coding, but there are front-end elements to most projects.
  • Work with internal stakeholders to determine priorities for privacy concerns.
  • Review the technical designs and code of other groups to ensure that privacy, authorization, and security concerns are adequately managed for proposed and in-flight projects.
  • Contribute to a team culture that values openness, inclusiveness, respect, quality, robustness, scalability, and humility while fostering innovation.
  • Share related knowledge with the members of the wider engineering team through training and internal blogging.

Core Competencies

  • Minimum four years of experience with web application technologies including HTTP, HTML, CSS, and JavaScript
  • Minimum two years of experience with object-oriented languages, ideally Python or Kotlin
  • Knowledge of object-oriented software design patterns and computer science fundamentals (e.g. data structures, algorithms) 
  • Strong technical communication skills
  • Testing methods, including unit and end-to-end tests

Nice to have

  • Understanding of authentication technologies such as OAuth, SAML, OIDC, JWT
  • Familiarity with practices around GDPR, CCPA, PIPL
  • Understanding of compliance standards such as SOX, SOC 2, PCI, ISO 27001, FedRAMP, HIPAA, HITECH, HITRUST
  • Knowledge of website security, such as headers, cookies, CORS, and XSS
  • Experience with modern JavaScript frameworks (e.g., React, Angular, Vue)
  • Experience with GraphQL, microservices, Istio or other service mesh architectures.
  • Experience with Kubernetes, Docker or other containerization technologies.
  • Experience with Cloud, SaaS, SQL, or Kafka.
  • Understanding of top OWASP vulnerabilities.