Lead Software Development Engineer, InfoSec

  • Groupon
  • Chicago or Seattle
  • Jun 17, 2021
Full time Technology

Job Description

Req. #: R24763

Location: Chicago – IL – US

Additional Locations: Seattle, WA, US

Category: Technology & Product

Groupon is an experiences marketplace that brings people more ways to get the most out of their city or wherever they may be. By enabling real-time mobile commerce across local businesses, live events and travel destinations, Groupon helps people find and discover experiences––big and small, new and familiar––that make for a full, fun and rewarding life. Groupon helps local businesses grow and strengthen customer relationships––resulting in strong, vibrant communities. Even with thousands of employees spread across multiple continents, we still maintain a culture that inspires innovation, rewards risk-taking and celebrates success.

Groupon’s Information Security team is seeking a sharp Lead Software Development Engineer with a background in designing and implementing security solutions, including those in cloud environments such as AWS. Primary responsibilities will be the development and enhancement of in-house security infrastructure such as certificate authorities and non-key-based authorization systems, as well as design and development work for sub-systems that are used across the ecosystem for security, such as web proxies. This candidate will also liaise with other infrastructure and development teams within Groupon to ensure the safety of Groupon’s applications and customer data, and to protect systems from unauthorized access and abuse.

As Lead Software Development Engineer working on Groupon’s security, you will initially focus on the design, configuration, deployment, and management of security across a diverse team of infrastructure teams, software engineers, and system architects. You will work with these teams to determine and implement application security mechanisms for existing and new systems, either as software-based systems, or systems configuration with changes being managed as code via technologies such as Terraform and/or CloudFormation. Additional responsibilities include the ability to work on web traffic routing layers such as Envoy Proxy and help responsible teams design and implement security such as mutual TLS on those layers.

This role will encompass an environment consisting of physical, virtual, and especially cloud-based application hosts running a variety of server software directly on hosts or within containerized environments such as Kubernetes. We expect you to have knowledge of functionality such as EKS, ACM, RAM, Lambda, and IAM, and to be able to prescribe application security solutions.

We're a "best of both worlds" kind of company. We're big enough to have resources and scale, but small enough that a single person has a surprising amount of autonomy and can make a meaningful impact. We're curious, fun, a little intense, and kind of obsessed with helping local businesses thrive. Does that sound like a compelling place to work?

Our development ecosystem:

  • Languages: Java, Ruby on Rails

  • Node/Express JS

  • MySQL/PostgreSQL

  • REST/JSON

  • Deployment to AWS as code

  • GitHub

  • JIRA

You’ll spend time on the following:

  • Implement new security technologies as required to support a dynamic/challenging business environment.

  • Improve processes through automation to increase security maturity.

  • Manage a set of security controls defining the configuration-as-code.

  • Act as the Subject Matter Expert (SME) for application security and secure coding practices within Groupon

  • Work as a peer to technical leaders in engineering disciplines such as platform architecture, software development, network, and system administration.

  • Manage change control policy and procedures.

  • Provide technical and limited operational security support to IT, Engineering, Legal, and business units

  • Maintain knowledge of the latest active security threats

  • Help to prevent known vulnerabilities from getting to production.

  • Effectively work across a geographically distributed team environment

  • Maintain a high degree of self-sufficiency, ownership, and pride of deliverables

  • Assist in the maintenance/development of security policies and procedures.

We’re excited about you if you have:

  • BS, MS or PhD in Computer Science or related fields with 7+ years in software development and/or DevOps, ideally using Java, Python and C#.

  • 2+ years of experience securing applications in AWS or equivalent

  • Expert-level experience with cloud automation-enabling tools such as CloudFormation and/or Terraform

  • Hands-on experience designing usage and implementation of AWS native technologies such as Security Groups, IAM, S3, Secrets Manager, CloudTrail monitoring, etc.

  • Hands-on experience with containerized applications running in a Kubernetes environment

  • Functional ability as a Linux sysadmin with scripting experience

  • Strong knowledge of networking and web related protocols (e.g., TCP, UDP, IPSEC, HTTP, HTTPS, network routing protocols)

  • Experience working with many network security controls (Routers, Firewalls, Proxies, ACLs, Wireless networking protocols), in particular their cloud-native equivalents

  • Professional security certifications are nice-to-have but not required.

  • Knowledge of PCI, SOX 404, Safe Harbor, and other regulations/standards.

We value engineers who are:

  • Customer-focused: We believe that doing what’s right for the customer is ultimately what will drive our business forward.

  • Obsessed with quality: Your production code just works & scales linearly

  • Team players: You believe that more can be achieved together. You listen to feedback and also provide supportive feedback to help others grow/improve.

  • Fast learners: We are willing to disrupt our existing business to trial new products and solutions. You love learning how to use new technologies and then rapidly apply them to new problems.

  • Pragmatic: We do things quickly to learn what our customers desire. You know when it’s appropriate to take shortcuts that don’t sacrifice quality or maintainability.

  • Owners: Engineers at Groupon know how to positively impact the business.

Groupon’s purpose is to build strong communities through thriving small businesses. To learn more about the world’s largest local ecommerce marketplace, click here for the latest Groupon news. Plus, be sure to check out the values that shape our culture, guide our strategy and make our company a great place to work. And don’t just take our word for it. Hear from real Groupon team members and learn more about our inclusive employee groups. If all of this sounds like something that’s a great fit for you, then click apply and let’s see where this takes us.

Groupon is an Equal Opportunity Employer

Qualifications for employment, promotion, and other terms and conditions of employment are based upon the ability to perform the job. Equal-employment opportunities are provided to all applicants and employees without regard to race, creed, religion, color, age, national origin, sex, disability, medical condition, sexual orientation, gender identity or expression, genetic information, ancestry, marital status, military discharge status (excluding dishonorable discharge), veteran status, citizenship status, or other legally protected status. We are all responsible for maintaining this policy. Groupon is committed to providing reasonable accommodations for qualified individuals with disabilities and disabled veterans in our job application procedures. If you need assistance or an accommodation due to a disability, you may email us at hraccommodations at groupon.com. If you have concerns related to Groupon’s equal employment opportunities, you may contact Groupon’s Ethics Reporting Service Ethicspoint.
