Infrastructure Security Engineer ensuring security for Yelp’s AWS and Google Cloud environments. Collaborating with security engineers to enhance cloud and corporate security posture.
Responsibilities
Design, implement, operationalize and maintain systems that ensure the security of Yelp’s AWS and Google Cloud Platform (GCP) environments, focusing on least privilege, containerization, and developer efficiency
Develop and enforce data security controls to support privacy initiatives, including data mapping and data retention
Manage system-level access controls (such as Linux, Docker, Kubernetes), and tiered access for internal digital assets, balancing strict authentication/authorization with usability
Create, extend, and monitor company-wide security standards, proactively identifying and correcting insecure usage across Yelp
Develop and operationalize telemetry, reporting, and alerting systems to collect and analyze security-related data
Conduct timely vulnerability identification, assessment, and remediation across Yelp’s infrastructure, applications, and services
Participate in a robust on-call rotation, respond to security incidents, and contribute to proactive threat modeling and system reviews
Mentor other engineers passing on your skills, and serve as a resource in our #security Slack channel by promoting best practices and offering your expertise across the organization.
Requirements
Experience building secure, scalable, and distributed cloud environments (preferably on AWS and GCP)
Familiarity with modern access controls and authentication mechanisms (Linux, Docker, Kubernetes, IAM, etc.)
Proficient in at least one programming language (e.g., Python, Java, JavaScript, C) and in designing well-structured APIs
Passion for automation to streamline security policy enforcement, detection, and response
Strong analytical skills and a proactive approach to vulnerability assessment and threat modeling
Effective communicator, able to collaborate across diverse teams and provide security guidance in a constructive, approachable manner
Committed to continuous learning, knowledge sharing, and staying current with evolving security trends.
Hiring a Threat Modeler / Security Architect with development background for hybrid full - time role in Canada, focusing on application security, threat modeling, and DevSecOps.
Network and Perimeter Security IT Specialist I at Enbridge overseeing enterprise security architecture and leading large - scale security initiatives. Collaborating across teams to ensure secure solutions and compliance.
Network & Perimeter Security Specialist II - Firewall at Enbridge enhancing security architectures. Providing technical leadership and driving enterprise standards for firewall and network security.
Lead critical cybersecurity transformation programmes at Hewlett Packard Enterprise, ensuring alignment with enterprise priorities and delivering complex initiatives. Collaborate with IT, cybersecurity, and business leaders.
Staff Engineer responsible for designing scalable security solutions and collaborating with engineering at Twilio. Empowering security partnerships across products and platforms while mitigating risks.
Head of Infrastructure & Security responsible for cloud infrastructure on GCP and security programs. Leading SaaS development and technical teams at Rebus and Longbow Advantage.
Information Security Lead responsible for managing security programs at Dentons Canada. Overseeing security architecture, operations, incident response, and data protection initiatives.
Cybersecurity expert overseeing information defense, threat detection, and incident response at Investissement Québec. Leading security operations and leveraging AI for effective asset protection.
Lead cybersecurity initiatives and develop strategy for public broadcaster CBC/Radio - Canada. Shape technology road map, collaborate on enterprise architecture, and ensure policy compliance.