About Linkedin
LinkedIn is the world’s largest professional network, built to create economic opportunity for every member of the global workforce. Our products help people make powerful connections, discover exciting opportunities, build necessary skills, and gain valuable insights every day. We’re also committed to providing transformational opportunities for our own employees by investing in their growth. We aspire to create a culture that’s built on trust, care, inclusion, and fun – where everyone can succeed.
This role will be based in Bangalore, India.
At LinkedIn, we trust each other to do our best work where it works best for us and our teams. This role offers a hybrid work option, meaning you can both work from home and commute to a LinkedIn office, depending on what’s best for you and when it is important for your team to be together.
About the team
LinkedIn's members entrust us with their information every day and we take their security seriously. Our core value of putting our members first powers all the decisions we make, including how we manage and protect the data of our members and customers. Information Security at LinkedIn is dedicated to protecting and securing business-critical member data and company assets. Our core mission is to empower LinkedIn to create a secure and thriving platform for every member of the global workforce. The Product Security team strives to proactively safeguard our products, applications, and infrastructure by identifying, assessing, and mitigating security and privacy risks. We are dedicated to protecting our members by researching evolving threats and attack vectors, identifying vulnerabilities, and providing security consultation to minimize potential risks. We invest significantly in automation and focus on high impact engineering projects that detect security risks.
Responsibilities:
- Research threats and attack vectors that impact LinkedIn's applications and infrastructure.
- Assess new and existing applications and system deployments for vulnerabilities and design flaws, and prioritize remediation efforts based on risk.
- Devise and bolster defenses through secure-by-default frameworks, architectures, and processes.
- Engage with Product, Infrastructure and Engineering teams to build threat models, design secure systems, perform security penetration tests and secure code reviews at a recurring cadence.
- Build, maintain and enhance source code scanning capabilities to detect security vulnerabilities.
- Maintain and build improvements to systems supporting supply chain assurance.
- Design and implement custom solutions that can identify and help mitigate security vulnerabilities at scale.
- Engage in quarterly purple team activities focused on breaking and hardening critical systems in the LinkedIn ecosystem.
- Evaluate new products and technologies, including potential acquisitions.
- Respond to external vulnerability researcher inquiries and vulnerability reports.
- Educate and advocate for security improvement throughout the LinkedIn ecosystem through mentorship and coaching.
Basic Qualifications
- 4+ years experience and in-depth knowledge of application security, authentication and security protocols, cryptography, supply chain security and mobile security.
- 4+ years experience in various security assessment methodologies such as threat modeling, design reviews, penetration testing and vulnerability assessment.
- Experience designing and implementing tooling that detects and mitigate security vulnerabilities
- Experience with programming languages such as Java, GoLang or Python
Preferred Qualifications
- Experience with security research, bug bounty and CTF competitions
- Experience with codeql, semgrep and GitHub integration workflows
- Ability to work across teams and communicate concisely and clearly to stakeholders
Suggested Skills:
- Cyber Security
- Application Security
- Software Development
You will Benefit from our Culture:
We strongly believe in the well-being of our employees and their families. That is why we offer generous health and wellness programs and time away for employees of all levels.
India Disability Policy
LinkedIn is an equal employment opportunity employer offering opportunities to all job seekers, including individuals with disabilities. For more information on our equal opportunity policy, please visit https://legal.linkedin.com/content/dam/legal/Policy_India_EqualOppPWD_9-12-2023.pdf
Global Data Privacy Notice for Job Candidates
This document provides transparency around the way in which LinkedIn handles personal data of employees and job applicants: https://legal.linkedin.com/candidate-portal
