Do you like to find creative ways to protect against security vulnerabilities?
Do you like writing software across the entire stack and working with petabytes of data to solve challenging problems?
TripAdvisor is seeking a software engineer with experience (or strong interest) in application security to join our Technology and Infrastructure Team. In this role you will be tasked with ensuring that TripAdvisor’s website is secure from external abuse and appropriately protects our users’ data. You will develop and maintain the processes and monitoring necessary to identify security vulnerabilities within the TripAdvisor site. Additionally, you will provide security guidance to our engineering and product teams in support of their products.

Don’t have 5 years of application security experience? No problem! We’re looking for someone with strong problem solving and application development experience. If you have these skills and an strong interest in application security, we’ll train you!
Responsibilities

• Identify software security vulnerabilities within TripAdvisor and articulate their importance and relevance to our business.
• Implement software changes to improve TripAdvisor’s security stance.
• Define metrics, and implement related reports and alerts to raise awareness of issues on the TripAdvisor website.
• Work with TripAdvisor IT, Operations Staff, Product Managers, and Software Engineers to prevent and resolve vulnerabilities and PII leaks.
• Work with the Technology & Infrastructure team lead to define software development policy and govern implementation to assure adherence to standards.

Qualifications

• Relevant work experience applying security practices to software development.
• In-depth knowledge of common Internet vulnerabilities and techniques to identify and fix them.
• B.S. or M.S. Computer Science, or equivalent experience.
• A solid foundation in computer science, with strong competencies in data structures, algorithms, and Object Oriented Software Design
• 4+ years of large scale, full life cycle web development experience
• Java (or similar language) development experience in a Linux environment.
• Strong analytical, problem-solving, and communication skills.
• Experience with security tools for static code analysis and penetration testing are a plus.
• Contributions to the security community are a plus.

*LI-RF1