Senior Security Engineer

As a Sr. Security Engineer you will play a critical role in designing, building, and scaling the systems, processes, and controls that protect the company and our users’ data and ensure trust in our products. Working as part of the Information Security team, you will partner closely with Engineering, IT, Sales, Legal, and other cross-functional stakeholders to embed security principles into our infrastructure and translate regulatory requirements into scalable technical solutions.

This is a hands-on role for a senior individual contributor who thrives at the intersection of security, risk management, and infrastructure. You will shape how we discover, classify, and protect information, lead security risk mitigation efforts, and help evolve our security capabilities as the company grows.

• →Implement and manage the Information Security Program including security incident response, vulnerability management, data protection, and risk management
• →Plan and execute vulnerability assessments of our products and services associated with cloud infrastructure.
• →Lead Cybersecurity Incident Response Team (CIRT): triage, respond to and investigate security incidents affecting platform and services
• →Working with Sales, lead the response to customer questionnaires dealing with our security and data protection policies. Review Information Security and privacy related requirements in contracts and provide input to Legal Team
• →Lead regulatory readiness assessments and development of appropriate compliance strategies (SOX, SOC2, FERPA, ISO27001, NIST, etc.)
• →Documenting and maintaining security policies, standards, guidelines, processes and procedures, and other related documents, as requested, and representing the Security Team during internal and external audits
• →Perform technical security assessments, architecture and design reviews of Coursera’s products, applications, services and cloud infrastructure
• →Provide security expertise and guidance to all Coursera engineering and business teams
• →Develop technical solutions to help mitigate security vulnerabilities
• →Establishing and coordinating remediation and mitigation for identified security risks
• →Ensuring technical security controls are in place, maintained and audited on a periodic basis

• 10+ years’ of working experience in an Information Security and Compliance role
• Have solid knowledge of ISO 27001, NIST and other information security standards and have practical experience implementing these standards
• Solid foundation and good technical knowledge of security engineering, computer and network security, authentication, security protocols and cryptography
• 5+ years experience in security architecture and technical security designs for cloud systems infrastructure and corporate networks and systems
• 5+ years of AWS foundation services related to computing, networking, storage, content delivery, administration and security, deployment and management, instrumentation and automation technologies.
• 5+ years of vulnerability assessments and risk management experience

• Certifications such as: CISSP, CISA, CISM, CCSP, AWS Architect or Certified Security is a plus

If this opportunity interests you, you might like these courses on Coursera:

• Secure Software Design
• Enterprise and Infrastructure Security
• IT Security: Defense against the digital dark arts