Key skills
Information SecurityComplianceISO 27001NISTSecurity EngineeringComputer SecurityNetwork SecurityAuthenticationSecurity ProtocolsCryptographySecurity ArchitectureCloud Systems InfrastructureCorporate NetworksAWSVulnerability AssessmentRisk ManagementSecurity Incident ResponseSecurity PoliciesSecurity ControlsSecurity AuditsSecurity StandardsSecurity DesignSales
About this role
Coursera is a leading online learning platform founded in 2012, aiming to provide universal access to world-class education. As a Senior Security Engineer, you will be responsible for designing and implementing security measures to protect user data and ensure compliance with regulatory requirements, while collaborating with various teams to enhance the company's security posture.
Responsibilities:
- Implement and manage the Information Security Program including security incident response, vulnerability management, data protection, and risk management
- Plan and execute vulnerability assessments of our products and services associated with cloud infrastructure
- Lead Cybersecurity Incident Response Team (CIRT): triage, respond to and investigate security incidents affecting platform and services
- Working with Sales, lead the response to customer questionnaires dealing with our security and data protection policies. Review Information Security and privacy related requirements in contracts and provide input to Legal Team
- Lead regulatory readiness assessments and development of appropriate compliance strategies (SOX, SOC2, FERPA, ISO27001, NIST, etc.)
- Documenting and maintaining security policies, standards, guidelines, processes and procedures, and other related documents, as requested, and representing the Security Team during internal and external audits
- Perform technical security assessments, architecture and design reviews of Coursera’s products, applications, services and cloud infrastructure
- Provide security expertise and guidance to all Coursera engineering and business teams
- Develop technical solutions to help mitigate security vulnerabilities
- Establishing and coordinating remediation and mitigation for identified security risks
- Ensuring technical security controls are in place, maintained and audited on a periodic basis
Requirements:
- 10+ years' of working experience in an Information Security and Compliance role
- Have solid knowledge of ISO 27001, NIST and other information security standards and have practical experience implementing these standards
- Solid foundation and good technical knowledge of security engineering, computer and network security, authentication, security protocols and cryptography
- 5+ years experience in security architecture and technical security designs for cloud systems infrastructure and corporate networks and systems
- 5+ years of AWS foundation services related to computing, networking, storage, content delivery, administration and security, deployment and management, instrumentation and automation technologies
- 5+ years of vulnerability assessments and risk management experience
- Certifications such as: CISSP, CISA, CISM, CCSP, AWS Architect or Certified Security is a plus