Senior Software Engineer, Security Partner

Role Overview:

As a Software Engineer, Security Partner, you will play a crucial role in building and maintaining strong relationships with our internal and external partners to ensure the security and integrity of our systems and data. You will be a trusted advisor, working closely with various teams to identify security risks, develop mitigation strategies, and drive security features in products Reddit delivers. This role requires a blend of technical expertise, business acumen, and exceptional communication skills.

Responsibilities:

• Partnership Management:
• Develop and maintain strong relationships with key internal stakeholders (engineering, product, legal, etc.) and external partners (vendors, clients, etc.).
• Act as a primary point of contact for security-related inquiries and issues for a particular subset of Reddit products.
• Facilitate effective communication and collaboration between security teams and partner organizations.
• Security Risk Assessment & Mitigation:
• Conduct threat modeling assessments of partner integrations, collaborations, and planned features.
• Identify and evaluate potential security vulnerabilities and develop mitigation strategies.
• Make recommendations and ship those recommendations with partner development teams to mitigate identified risks.
• Ensure compliance with relevant security standards and regulations.

• Security Awareness & Training:
• Promote security awareness and best practices among partners and internal teams.
• Develop and deliver security training materials and presentations.
• Stay up-to-date on the latest security trends and technologies.
• Evangelize paved paths developed by Reddit security teams for adoption within product teams they cover.
• Software Engineering
• Perform peer reviews of code related to security and privacy components. 
• Able to provide input and value to technical design discussions and decisions that touch on security and reliability features.
• Act as a glue between infrastructure and development teams, flexing security troubleshooting skillset and ability to connect the dots and cross functional problems.
• Incident Response:
• Participate in security incident response activities, providing technical expertise and support related to product security incident response.
• Conduct post-incident reviews and develop recommendations for improvement.

Qualifications:

• Deep experience with Golang programming languages, and familiarity with DevOps technologies and capabilities to deploy code to production environments.
• Bachelor's degree in Computer Science, Information Security, or a related field (or equivalent experience).
• 5+ years of experience in security partnerships, information security, or a related role.   
• Strong understanding of security principles, best practices, and industry standards (e.g., ISO 27001, NIST, SOX).
• Experience with threat modeling, security risk assessment and mitigation techniques.
• Excellent communication, interpersonal, and presentation skills.
• Ability to work effectively in a fast-paced, dynamic environment.   
• Strong project management skills and ability to manage multiple priorities.
• Knowledge of cloud security (AWS, GCP), infrastructure components (Redis, Postgres, Cassandra), and distributed systems design.
• Experience with vendor security assessments.
• Experience with security compliance.

Preferred Qualifications:

• Experience with security automation, tooling, and LLM/AI usage.
• Software engineering experience in a production environment.
• Mobile security experience (native apps and mobile SDKs)  

Ideal Candidates

• Strong Development Foundation with Leadership Potential: You are a highly skilled developer with a proven ability to lead and mentor teams. Development proficiency is prioritized, with security expertise being a valuable, but secondary, asset.
• Clear and Impactful Communication: You effectively convey complex security insights to diverse audiences, both in written and verbal formats.
• Collaborative Partnership: You readily establish and maintain strong relationships with cross-functional teams and stakeholders.
• Broad and Deep Security Expertise (Beneficial): While development is key, a comprehensive understanding of various Information Security domains, with specialized depth in key areas, is a plus.
• Proven Program Development and Measurement: You have a track record of building and scaling successful security services and programs, and you understand how to quantify their impact.
• Proactive and Adaptable: You are highly self-motivated and thrive in environments characterized by ambiguity and change.
• Inclusive Team Leadership: You foster a safe and inclusive team environment, empowering members to perform at their peak.

Benefits:

• Comprehensive Healthcare Benefits and Income Replacement Programs
• 401k Match
• Family Planning Support
• Gender-Affirming Care
• Mental Health & Coaching Benefits
• Flexible Vacation & Reddit Global Days off
• Generous paid Parental Leave  
• Paid Volunteer time off