About our team
When you impact millions of people every day, you become a large target for adversaries of all types within all layers of the stack. Our job is to keep our users safe and make Yahoo one of the safest places on the Internet.
We are the information security team at Yahoo; known as "The Paranoids".
As a Validation Control engineer on the Network, Access and Identity (NAI) team, you will be a part of the team charged with oversight of network permission, identity structures, and the access granted to understand the overall access permissions posture of Yahoo. You will play a key role in defending millions of internal and external Yahoo users and ensuring we are doing everything in our power to keep them safe.
As part of this team, you will be responsible for reviewing and validating our network posture in the cloud and on-prem. This includes reviewing access control lists, security groups, firewall policies, and other infrastructure that we use to secure our network and protect our customers.
Ideal Candidate
Highly responsible, self-motivated, individual with leadership skills
Results oriented persona with the ability to adapt to a constantly changing technical environment
Energetic and fast paced individual who thrives in a high growth, entrepreneurial environment
Excellent organizational and follow up skills
Excellent interpersonal, written and verbal communication skills
Role and Responsibilities:
Work alongside a team of security architects and engineers who will review and design network, cloud, and identity access control solutions.
Work as a part of a team of security auditors who will perform network, access, and identity audits.
Gather audit requirements for our internal audits from various stakeholders within and outside of our organization, formulate an audit plan and start the process.
Automate audit capabilities wherever possible.
Qualifications:
Bachelor’s degree in a technical discipline (e.g., Computer Science, Engineering, Information Security) or equivalent practical experience
3 - 5 years of experience in Network Security, Cloud Security, GRC, or a closely related field
Familiarity with regulatory compliance requirements (e.g., PCI, GDPR, HIPAA, SOX) as they apply to identity and network security
Hands-on cloud security experience with AWS and/or GCP, including identity and access management, network policy enforcement, and configuration compliance
Experience in data visualization and dashboarding; knowledge of platforms such as Databricks is a plus
Deep understanding of network security principles, including firewalls and intrusion detection/prevention systems; experience with enterprise-grade platforms preferred
Proficient in automating security and compliance checks at scale using Python and cloud SDKs
Experience with automated or AI-enabled auditing and monitoring tools at scale
Strong foundation in network protocols, system intrusion techniques, VPNs, and IAM frameworks
Demonstrated expertise in firewall administration and policy management
Comfortable working with productivity and collaboration tools such as Google Workspace, macOS, Jira, Confluence, and Slack
The material job duties and responsibilities of this role include those listed above as well as adhering to Yahoo policies; exercising sound judgment; working effectively, safely and inclusively with others; exhibiting trustworthiness and meeting expectations; and safeguarding business operations and brand integrity.
At Yahoo, we offer flexible hybrid work options that our employees love! While most roles don’t require regular office attendance, you may occasionally be asked to attend in-person events or team sessions. You’ll always get notice to make arrangements. Your recruiter will let you know if a specific job requires regular attendance at a Yahoo office or facility. If you have any questions about how this applies to the role, just ask the recruiter!
Yahoo is proud to be an equal opportunity workplace. All qualified applicants will receive consideration for employment without regard to, and will not be discriminated against based on age, race, gender, color, religion, national origin, sexual orientation, gender identity, veteran status, disability or any other protected category. Yahoo will consider for employment qualified applicants with criminal histories in a manner consistent with applicable law. Yahoo is dedicated to providing an accessible environment for all candidates during the application process and for employees during their employment. If you need accessibility assistance and/or a reasonable accommodation due to a disability, please submit a request via the Accommodation Request Form (www.yahooinc.com/careers/contact-us.html) or call +1.866.772.3182. Requests and calls received for non-disability related issues, such as following up on an application, will not receive a response.
We believe that a diverse and inclusive workplace strengthens Yahoo and deepens our relationships. When you support everyone to be their best selves, they spark discovery, innovation and creativity. Among other efforts, our 11 employee resource groups (ERGs) enhance a culture of belonging with programs, events and fellowship that help educate, support and create a workplace where all feel welcome.
The compensation for this position ranges from $111,000.00 - $231,250.00/yr and will vary depending on factors such as your location, skills and experience.The compensation package may also include incentive compensation opportunities in the form of discretionary annual bonus or commissions. Our comprehensive benefits include healthcare, a great 401k, backup childcare, education stipends and much (much) more.Currently work for Yahoo? Please apply on our internal career site.