SUMMARY

Yelp engineering culture is driven by our values: we’re a cooperative team that values individual authenticity and encourages creative solutions to problems. All new engineers deploy working code their first week, and we strive to broaden individual impact with support from managers, mentors, and teams. At the end of the day, we’re all about helping our users, growing as engineers, and having fun in a collaborative environment.
The Infrastructure Security (InfraSec) team at Yelp ensures the security of yelp.com and related properties. InfraSec is responsible for AWS cloud security with a focus on least privilege, containers and developer efficiency, building and enabling data security to support privacy initiatives and system level access controls, such as Linux, Docker and Kubernetes authorization. We develop and support company-wide standards for vulnerability management, authorization, authentication and data privacy, including implementations of these standards and monitoring and correcting insecure usage.
We’re looking for an Infrastructure Security (InfraSec) Engineer to join Yelp’s globally expanding Security team and help keep our cloud and corporate infrastructure, network, endpoints and applications safe.
In this role, you’ll work on improving our cloud and corporate security posture and capabilities. Together with the rest of our awesome security engineers, you’ll build custom solutions at scale with creativity and automation. You’ll also partner with our corporate infrastructure and IT teams to help architect the future of Yelp’s authentication, identity management, and network security systems.
This opportunity requires you to be located in the United Kingdom. We’d love to have you apply, even if you don’t feel you meet every single requirement in this posting. At Yelp, we’re looking for great people, not just those who simply check off all the boxes.

• Build and scope tools and infrastructure for automating security policy and enforcement.
• Improve and enhance vulnerability detection and response capabilities.
• Identify vulnerabilities through assessments, working with internal partners towards remediation and improvement of Yelp’s corporate environment and infrastructure.
• Help define policies and security best practices for IT, infrastructure, and other internal organization and third-party integrations.
• Review and offer feedback on security implications of software system designs submitted from across Yelp Engineering.
• Exhibit the strong communication ability needed to enforce rigorous security standards, while always playing well with others and partnering with diverse stakeholders to advance Yelp’s goals.
• Design, develop, and operationalize monitoring, correlation, and alerting capabilities for Yelp’s corporate network, infrastructure, and applications to identify suspicious or anomalous behavior.
• Participate in a regular on call rotation and occasional incident response.
• Help perform threat modeling across business applications and infrastructure integrations.