We are redirecting you to the source. If you are not redirected in 3 seconds, please click here.

Staff Security Engineer at Coursera. Location Information: USA. Job Overview:. Coursera is an engineering-first company. Our teams are responsible for maintaining a scalable and reliable platform, in addition to building interactive products for the worldwide learner community. We are made up of teams ranging from Development Infrastructure, Growth, Learner/Consumer Experience, Content Platform, and SDET Engineering. Every day, Engineering teams collaborate with cross-functional partners, including other engineers, data scientists, and product managers.. Responsibilities:. Implement and manage the Information Security Program including security incident response, vulnerability management, data protection, and risk management. Plan and execute vulnerability assessments of our products and services associated with cloud infrastructure.. Lead Cybersecurity Incident Response Team (CIRT): triage, respond to and investigate security incidents affecting platform and services. Lead regulatory readiness assessments and development of appropriate compliance strategies (SOX, SOC2, FERPA, ISO27001, NIST, etc.). Documenting and maintaining security policies, standards, guidelines, processes and procedures, and other related documents, as requested, and representing the Security Team during internal and external audits. Working with Sales, lead the response to customer questionnaires dealing with our security and data protection policies. Review Information Security and privacy related requirements in contracts and provide input to Legal Team. Perform technical security assessments, architecture and design reviews of Coursera’s products, applications, services and cloud infrastructure. Provide security expertise and guidance to all Coursera engineering and business teams. Develop technical solutions to help mitigate security vulnerabilities. Establishing and coordinating remediation and mitigation for identified security risks. Ensuring technical security controls are in place, maintained and audited on a periodic basis. Basic Qualifications:. 10+ years’ of working experience in an Information Security and Compliance role. Have solid knowledge of ISO 27001, NIST and other information security standards and have practical experience implementing these standards. Solid foundation and good technical knowledge of security engineering, computer and network security, authentication, security protocols and cryptography. 5+ years experience in security architecture and technical security designs for cloud systems infrastructure and corporate networks and systems. 5+ years of vulnerability assessments and penetration testing. 5+ years of AWS foundation services related to computing, networking, storage, content delivery, administration and security, deployment and management, instrumentation and automation technologies.. Preferred Qualifications:. Certifications such as: CISSP, CISA, CISM, CCSP, AWS Architect or Certified Security is a plus. If this opportunity interests you, you might like these courses on Coursera:. Secure Software Design. Enterprise and Infrastructure Security. IT Security: Defense against the digital dark arts. Compensation. US Zone 1: $160,000 to $230,000 USD. US Zone 2: $135,000 to $205,000 USD. US Zone 3: $125,000 to  $195,000 USD. The range(s) listed above is the expected annual base salary for this role, subject to change.. Salary is just one component of Coursera’s total rewards package. All regular employees are also eligible for a bonus program and equity in the form of RSU’s.. A number of factors are taken into account when determining pay, which includes: job level, location, training/education, business need, skill set and internal equity. . Current Zone Locations:. Zone 1- San Francisco Metro, New York City Metro or Seattle Metro. Zone 2 - CA (outside of SF Bay Area), CO, CT, DC, GA, IL, MA, MD, NY/NJ (other than NYC), OR, RI, TX, VA, WA (other than Seattle). Zone 3 - all other US locations.  .  .  .  . #PL-1