Staff Software Engineer, Platform Security

Discord is used by over 200 million people every month for many different reasons, but there’s one thing that nearly everyone does on our platform: play video games. Over 90% of our users play games, spending a combined 1.5 billion hours playing thousands of unique titles on Discord each month. Discord plays a uniquely important role in the future of gaming. We are focused on making it easier and more fun for people to talk and hang out before, during, and after playing games.

More broadly, Discord is about empowering people to find belonging in all kinds of communities, and those people trust us to keep their communications safe. Our Platform Security Engineering team protects the systems we use to create Discord, making the “secure way” the “easy way.”

We’re looking for a Staff Engineer to advance this mission through security expertise, software development, and operational excellence. In this technical leadership role, you’ll articulate and pursue the most leveraged opportunities to reduce security risk across Engineering, designing and building lovable “paved paths” for managing identities and access, shipping code, configuring cloud infrastructure, and operating services.

If you’re a security engineer who’s deeply curious, eager to own technically and socially complex projects, and excited to improve security and privacy at Discord, read on!

What you'll do

• Shape company-wide security strategy and lead software engineering projects on a highly-autonomous and horizontally-integrated team with a lot of leverage. This is a code-forward role!
• Develop and apply best-in-class secure baselines for cloud infrastructure.
• Secure first- and third-party software supply chains, from the dev environment through CI/CD and into production.
• Build and own identity and access management (IAM) systems that are user-friendly and promote least privilege.
• Manage infrastructure vulnerabilities while supporting rapid growth for Engineering.
• Consult on risk assessments, architectural designs, threat models, code reviews, and more—pragmatically balancing security with other business considerations.

Example projects

• Support IAM with scalable platform solutions (check out https://discord.com/blog/access-a-new-portal-for-managing-internal-authorization).
• Build tooling to prevent and address vulnerabilities across our infrastructure.
• Integrate service-to-service authentication and authorization into Discord’s internal developer platform.

What we look for

• 5+ years of experience building and operating production systems or infrastructure
• 5+ years of experience writing software in a general-purpose programming language (we mainly use Python and Rust)
• 4+ years of experience securing systems with millions of users
• Experience mentoring junior ICs and leading technical projects involving multiple engineers and spanning multiple quarters
• Experience designing and building software for customers (internal or external) beyond your immediate team
• Experience securing cloud environments (e.g. GCP, Cloudflare, AWS)
• Experience defining and orchestrating containers (e.g. via Kubernetes, Docker, Distroless, OCI)
• Familiarity with build and CI/CD technologies (e.g. Terraform, Bazel, Buildkite)
• Understanding of modern authentication and authorization concepts (e.g. RBAC, OAuth, Zero Trust network architectures, mTLS)

Bonus points if you have…

• Developed and debugged distributed systems atop GCP and Cloudflare
• Led complex migrations or risk management programs across an engineering organization
• A system to discover industry tools that can multiply your team’s impact
• Experience securing multi-cloud environments
• Built or operated a service mesh (e.g. Envoy, Istio)
• Managed and secured VMs or bare-metal hosts (e.g. Linux, Salt)