Senior Manager, Security Engineering

Details

Airbnb was born in 2007 when two hosts welcomed three guests to their San Francisco home, and has since grown to over 5 million hosts who have welcomed over 2 billion guest arrivals in almost every country across the globe. Every day, hosts offer unique stays and experiences that make it possible for guests to connect with communities in a more authentic way.

The Community You Will Join:

The Security team plays a critical role in maintaining and building our community’s trust in our platform that enables millions of users to explore the world and belong anywhere. As a critical horizontal function within Airbnb, Information Security spans the scope of the company and organizations that make it up to secure Airbnb giving anyone who joins the team the ability to see all aspects of the business.

The Difference You Will Make:

The Sr. Manager, Security Engineering will be responsible for continuing to advance and scale the technical preventions across our production, corp, and third party environments. This role will support the Infrastructure Security and Application Security functions with a focus on full tech stack security. This role and the teams they support will partner with our in-domain detection, response, and validation functions; our program management, product management, technical leadership, and software engineering functions; and key crossfunctional stakeholders to develop, plan, execute, measure, and improve the relevant in-domain security areas.

This role will be afforded a high degree of autonomy and will be looked at to further define capabilities and/or establish new ones to continue maturing and scaling the technical protections within their area of responsibility. The applicable scope is across prod, corp, and third parties inclusive of relevant technology, processes, and people. This role is intended to be highly cross-functional and expected to work in concert with complementary functions such as broader engineering functions, TPM, and relevant business partners. This role will ultimately be accountable for further establishing and driving the advancement of security protections in their space.

The person that fills this role will not be a security zealot. They understand the balance between business needs and how to mitigate security risk presented. They believe maintaining or improving our security posture does not come at the expense of friction while keeping stakeholder’s objectives in mind all the time. They do not think of security as a function that says no, and instead, view it as a function that helps find the path to yes, securely. They are comfortable that when the business makes a decision that may not be the most secure, it then becomes their job to help minimize the risk this decision presents.

What we're looking for:

• Effectively designed, scaled, and operated relevant functions in the past: candidate appreciates and understands the challenges related functions face from a staffing, coordination, cross-functional collaboration, and orchestrating many functions to achieve common long range outcomes. They have held a similar scoped role in the past or have directly supported 2 or more functions in which they will support in this role e.g. been a Mgr. AppSec and Mgr. of EntSec before. They have demonstrated leading their direct and cross-functional partner teams through similar transitions.
• People and engineering leadership: candidate has established and demonstrated experience leading engineering functions and demonstrated strong people management skills commensurate with the target level. They have supported senior ICs and managers alike in similar in-domain areas.
• Security Experience: given the breadth of this role and the primary focus on 1 & 2 above having higher weightings, we may not be able to find the unicorn we’re looking for that would also have the in-domain security experience and/or experience leading a program management function in security that also satisfies 1 & 2. Therefore, the security experience isn’t a must, and the weighting on this will be lower when evaluating candidates assuming the candidate has demonstrated successfully supporting others in multi-disciplined, technical fields. Further, adjacent experience in Privacy, Trust and Safety, Integrity, etc. functions w/ similar problem spaces will be a good proxy for success in InfoSec.
• Security Culture: the person is not a security zealot. Their expectations and approaches are practical and take business needs into consideration first to solve the security challenges. They limit friction and only introduce it as a last resort. They have a customer mindset and attempt to find the path to yes and don’t see security’s role today as no or to police. They are comfortable that when the business makes a decision that may not be the most secure and see it as an opportunity to help mitigate the risk while achieving business objectives.

Your Expertise:

• 8+ years managing people with at least 3 of those years supporting other managers
• Experience with AWS (GuardDuty, Lambda, Kinesis, S3, SNS, SQS, EC2, ...)
• Past experience in Software development
• Experience with Kubernetes or similar
• Demonstrated ability to support, scale, and advance like functions
• Deep understanding of strategic approaches and methodologies across the lifecycle of prevention, detection, response, and validation and how your teams fit in and are responsible for across these pillars and various programs that comprise Information Security.
• Experience of disciplines spans corporate and product infrastructure as well as third party tooling and infrastructure.

Your Location:

This position is US - Remote Eligible. The role may include occasional work at an Airbnb office or attendance at offsites, as agreed to with your manager. While the position is Remote Eligible, you must live in a state where Airbnb, Inc. has a registered entity.

Our Commitment To Inclusion & Belonging:

Airbnb is committed to working with the broadest talent pool possible. We believe diverse ideas foster innovation and engagement, and allow us to attract creatively-led people, and to develop the best products, services and solutions. All qualified individuals are encouraged to apply.

We strive to also provide a disability inclusive application and interview process. If you are a candidate with a disability and require reasonable accommodation in order to submit an application, please contact us at: [email protected].

How We'll Take Care of You:

Our job titles may span more than one career level. The actual base pay is dependent upon many factors, such as: training, transferable skills, work experience, business needs and market demands. The base pay range is subject to change and may be modified in the future. This role may also be eligible for bonus, equity, benefits, and Employee Travel Credits.

Pay Range

$244,000 — $307,000 USD