As a senior manager on the Privacy/Application Security team, you will be responsible for programs that implement the three A’s: Authentication, Authorization, and Accounting. This domain will include managing the privacy of user accounts on an enterprise scale, managing secrets, and managing service calls in a security-conscious environment. The projects will include new development work on data locality, PII vaults, and zero-trust architectures. We focus on improving code quality and making work easier for everyone. How we work Our teams have a high degree of autonomy to define their mission, vision, strategy and select and prioritise the projects to work on in order to deliver the business results to our customers. Our team members come from various backgrounds and we strongly believe that diversity, open-mindedness, and good communication yield the best results. We work collaboratively and cross-functionally, taking ownership of doing the right things and getting them done. We are looking for someone to join the team who has demonstrable experience in some of the areas listed below and a desire to learn and master anything else that comes their way - we are a learning company after all!Key Responsibilities
Build and manage teams dedicated to Privacy and Security
Work with internal stakeholders to determine priorities for privacy and security concerns.
Review technical designs and code-review the work of other groups to ensure that security, privacy, authorization, and application security concerns are adequately managed for proposed and in-flight projects.
Participate in security incident responses when needed.
Plan, organize, and complete work within agile sprints using common DevOps guidelines, with a heavy focus on testing, CI/CD, and automated monitoring.
Grow and nourish a team culture that values openness, inclusiveness, respect, quality, robustness, scalability, and humility while fostering innovation.
Share related knowledge with the members of the wider engineering team through training and internal blogging.
Minimum two years of experience with object-oriented languages (Java or Kotlin), ideally scripting languages like Python, Ruby, or PHP.
Experience operating in public cloud environments (e.g., AWS, GCP, Azure).(do we require this?)
Knowledge of networking protocols (TCP/IP, DNS, HTTP/TLS)
Good knowledge of website security, such as headers, cookies, CORS, XSS, etc.
Good understanding of authentication technologies such as OAuth, SAML, OIDC, JWT
Strong technical communication skills
Knowledge of object-oriented software design patterns and computer science fundamentals (e.g. data structures, algorithms)T
Testing methods, including unit and end-to-end tests
Nice to have
Familiarity with practices around GDPR, CCPA, PIPL
Experience with microservices, Istio or other service mesh architectures.
Experience with Kubernetes, Docker or other containerization technologies.
Understanding of any security-related compliance practices such as SOX, SOC-2, PCI, ISO 27001, HITECH, HITRUST.
Good understanding of each OWASP top 10 vulnerability
Experience with hacking, pentesting, and offensive security tools (e.g., Burp Suite, Kali Linux, Nmap, Ghidra, IDA Pro, John the Ripper, Metasploit, Frida)
Experience with defensive tools (Any WAF, any SIEM, any security-oriented log analysis).
Contributions to open source projects
What are some of the benefits of working at Udemy? Best in class employee training and onboardingAnnual education allowance with unlimited access to the Udemy learning platformPensionHealth InsuranceDental planLife Assurance (x4 times your annual salary)Long term illness coverFree breakfast and lunch catered on-site25 days holidays plus additional company discretionary daysFlexible working hours (agreed with your manager)Gym discountsAn amazing culture of always learning and supporting each otherUBelong programs to foster inclusivity and being your authentic self at workWe have 38 different nationalities in our Dublin office aloneAnd lots more About UdemyWe believe anyone can build the life they imagine through online learning. Today, millions of students around the world are advancing their careers and passions by exploring and mastering new skills on Udemy, and expert instructors are able to share their knowledge with the world. Through our global marketplace and our solutions for businesses and governments, we connect people everywhere with the skills they need for success in work and life. We’re a close-knit bunch that enjoys problem-solving and collaboration, and we share a serious belief in the power of learning and teaching to change lives. Udemy’s culture encourages innovation, creativity, passion, and teamwork. We also celebrate our milestones and support each other every day. Founded in 2010, Udemy is publicly traded and headquartered in San Francisco’s SOMA neighborhood with offices in Denver (Colorado), Dublin (Ireland), Ankara (Turkey), Gurugram (India), and São Paulo (Brazil). Udemy in the NewsUdemy Adds More than $1 Billion To Its Valuation in New Funding RoundUdemy’s Workplace Learning Tool Just Surpassed $100M in ARRPaid Paternity Leave Should be the Norm in the U.S.Breakdown of Most In-Demand Skills for 2020Finance, Marketing, Sales and EngineeringHow Investing in Yourself Today Will Set You Up for Career Success TomorrowFeedback Isn’t the Problem, but the Way That We Deliver It Is Broken