Staff Security Engineer, Data Security

at Airbnb
đź“Ť United States
USD 204,000-255,000 per year
SENIOR
âś… Remote

SCRAPED

Used Tools & Technologies

Not specified

Required Skills & Competences ?

Security @ 4 Distributed Systems @ 4 Leadership @ 4 Communication @ 4 CCPA @ 4 GDPR @ 4 API @ 4 Technical Leadership @ 4 Compliance @ 4

Details

Airbnb was born in 2007 when two hosts welcomed three guests to their San Francisco home, and has since grown to over 5 million hosts who have welcomed over 2 billion guest arrivals in almost every country across the globe. Every day, hosts offer unique stays and experiences that make it possible for guests to connect with communities in a more authentic way.

The community you will join

At Airbnb, we want to build a world where anyone can belong anywhere – and the first step in that direction is creating a community that’s open, inclusive, and built on trust. In a world where our digital presence and identity is as important as our physical presence, we believe that a fundamental part of earning this trust is by ensuring that we protect our users, the data they entrust to us, and our infrastructure. At Airbnb, our Information Security practices, and resulting trust, are part of the reason the world chooses to use and continue using our products.

The Information Security team plays a critical role in maintaining and building our community’s trust in our platform that enables millions of users to explore the world and belong anywhere. As a critical horizontal function within Airbnb, Information Security spans the scope of the company and organizations that make it up to secure Airbnb giving anyone who joins the team the ability to see all aspects of the business.

The difference you will make

As a Staff Security Engineer specializing in Data Security, you will be the primary architect and owner of Airbnb’s data protection strategy. You’ll partner with senior leaders across Information Security, Engineering, Product, Legal, Privacy, and Compliance to design, implement, and enforce robust protections, driving the vision for data security throughout the organization.

Responsibilities

  • Strategic ownership: define, drive, and continuously evolve a comprehensive data security strategy protecting data at rest (online/offline), in transit, and when shared with third parties. Set the long-term vision and roadmap for data security at Airbnb and work with partners to execute on it.
  • Technical leadership: design and oversee implementation of scalable, resilient protections for secure data storage and transfer, including encryption, key management, access controls, and secure data sharing frameworks. Provide expert guidance to engineering teams and influence architecture and system design decisions.
  • Third-party: establish and enforce policies, standards, and technical solutions for secure data transfer and integration with external partners, vendors, and APIs, while ensuring compliance with global regulatory requirements.
  • Risk management & governance: lead risk assessments and data security reviews for critical systems, products, and partners. Collaborate with Security Compliance, Privacy, and Legal to ensure practical compliance with global data protection laws (GDPR, CCPA, etc.).
  • Incident response: partner with security and engineering response teams to contribute to technical investigations of significant data security incidents, perform root cause analysis, and champion remediation. Drive continuous improvement from incidents.
  • Mentorship & enablement: mentor, coach, and up-level engineers across the organization on data security best practices. Develop and deliver training materials and documentation to empower both technical and non-technical teams.
  • Thought leadership: stay at the forefront of developments in data security. Influence Airbnb’s internal and external security posture by participating in industry forums, adopting emerging technologies, and publishing best practices.

Requirements

  • Bachelor’s or Master’s degree in Computer Science, Information Security, or related field (or equivalent practical experience).
  • 9+ years in security engineering roles with deep expertise in data security.
  • Deep, hands-on expertise with encryption, key management, secure data storage, secure data transfer, data loss prevention, and security in cloud environments.
  • Strong understanding of global data protection and privacy regulations (e.g., GDPR, CCPA, PCI-DSS, SOC2).
  • Demonstrated technical excellence designing, building, and scaling data security solutions across complex, distributed systems; ability to independently solve highly ambiguous technical problems with broad organizational impact.
  • Track record of owning and delivering long-term, cross-functional projects and roadmaps in data protection, directly driving key business outcomes.
  • Proven experience leading cross-functional initiatives and influencing organizational direction and architecture.
  • Exceptional communication, collaboration, and stakeholder management skills, including engaging with executives, non-technical partners, and external stakeholders to articulate risk and tradeoffs.
  • Commitment to fostering an inclusive, high-performing culture by developing others, promoting best practices, and leading by example.

Location

This position is US - Remote Eligible. The role may include occasional work at an Airbnb office or attendance at offsites, as agreed with your manager. You must live in a state where Airbnb, Inc. has a registered entity (some states are excluded).

Compensation & benefits

  • Base pay range: $204,000 — $255,000 USD
  • This role may also be eligible for bonus, equity, benefits, and Employee Travel Credits.

Our commitment to inclusion & belonging

Airbnb is committed to working with the broadest talent pool possible. We believe diverse ideas foster innovation and engagement. We strive to provide a disability-inclusive application and interview process; reasonable accommodations are available upon request ([email protected]).