Security Engineer

About Us

At Udemy, we’re on a mission to improve lives through the power of learning. We’re a leading global learning company and one of the world’s largest education platforms, with more than 67 million learners. Our goal is to provide flexible, effective skill development to empower organizations and individuals. 

Talented people are everywhere, and the right opportunity can be hard to come by. That’s why we’re focused on revolutionizing learning, using our skills and expertise to help others develop theirs and reach their full potential. Individually, we bring our unique perspective to reimagine the way we share knowledge. Together, we can improve lives by making learning more accessible for our learners, our instructors, and businesses around the world.

Hybrid work

Udemy is headquartered in San Francisco and has global offices in Australia, India, Ireland, Türkiye, and other US locations. Our robust hybrid work model spans Ankara, Dublin, Mexico City, and Melbourne. This hybrid position requires two days per week in the office at the nearest hub.

About You

We seek a skilled and enthusiastic Security Engineer to join the Security Operations team to enhance the organization’s security posture. You will play a hands-on role in maintaining and improving the security on the platform, business systems, data and infrastructure. Conducting risk assessments and implementing security measures to reduce vulnerabilities, you thrive in a fast-paced environment and excel at solving complex security challenges.  Ability to work independently and collaboratively with the Global Customer Operations, IT, Product, and Engineering Development. 

About this role

• Increase visibility of the security presence across multi-layer audiences and operate with teams across multiple departments.

• Aligning security standards across our product development and systems by utilizing industry best practices and fostering a security culture throughout the organization

What you’ll be doing

• Investigate, analyze, and respond to security incidents, ensure timely remediation, conduct forensics analysis, and use SIEM vendor query language to identify and analyze product behaviours. 

• Monitor and respond to systems and networks for suspicious activities, vulnerabilities, and breaches.

• Participate in on-call rotation and BugBounty programmes to strengthen the business's security posture.

• Utilize AI to improve product security and hygiene. 

• Familiar with compliance industry regulations and frameworks (e.g., GDPR, ISO-27001) to ensure security event/incident triaging and remediations align with an agreed-upon set of compliance requirements.

What you’ll have

• 4+ years of industry experience in information security, specifically threat/anomalies triaging, forensic analysis, and detection

• Proficient in security technologies such as SIEM/SOAR, EDR, IDS/IPS

• Hands-on experience with AWS Infrastructure and Terraform Automation. 

• Excellent verbal and written communication skills

• Strong knowledge of security concepts for threat hunting/analysis, anomaly detection rules, risk-based threats/vulnerability analysis

• Knowledge of modern authentication mechanisms (MFA, SSO, OAuth, Passwordless)

#LI-ST5