酷澎
Staff, Security Engineer - Coupang Play
Staff, Security Engineer - Coupang Play
发布于 大约 21 小时前普通员工/个人贡献者
Singapore, Singapore
高级经验
全职员工
仅现场办公
本科
GO
OAuth
CI/CD
PKI
Security Architecture
AI 估算 · 63k–95k
新加坡Staff安全工程师稀缺,薪资竞争力强;需掌握云安全、微服务等高端技能,市场溢价高。
职位详情
关于这个职位
作为Coupang Play的Staff Security Engineer,您将主导安全计划,设计并实现安全软件解决方案,保护OTT流媒体服务
您需要编写生产级代码,集成安全控制,并与工程团队合作确保安全最佳实践
适合资深安全工程师,专注于云安全、微服务安全及视频流媒体安全
最低要求
Bachelor's or master's degree in computer science, Information Security, or a related field, or equivalent practical experience
Strong software engineering skills with experience in building secure applications and services
Ability to write, review, and optimize code with security in mind (e.g., secure coding patterns, input validation, encryption)
Strong understanding of cryptography, PKI, secure authentication protocols, and authN/authZ in microservices environment
Expertise in network security (e.g., firewalls, VPNs, WAFs, micro-segmentation)
Expertise in security guardrails and tools integration into daily design/coding tasks and CI/CD pipelines
Proficient in securing services operating in a major cloud provider (AWS, Azure, or GCP)
Proficiency in at least one scripting language (Python or Bash) and one general-purpose programming language (Go or Node.js) for automation and tool development
Exceptional written and verbal communication skills, with the ability to articulate complex security risks to technical and non-technical audiences
Proven ability to lead projects, manage priorities, and meet deadlines
工作职责
Lead security initiatives and drive continuous improvement in our security posture to protect our critical assets and data from evolving threats.
Subject matter expert for our security technologies, ensuring security is embedded into all phases of our software development lifecycle.
Develop and maintain security-focused libraries, tools, and automation scripts to enforce security standards across services.
Collaborate with engineering teams to implement secure-by-design principles in code, APIs, and infrastructure.
Contribute to code reviews with a focus on identifying and remediating security vulnerabilities.
Actively partner with software, platform engineers, and Coupang Infosec to define, document, and enforce security policies, standards, and procedures.
Drive adoption of security best practices through hands-on implementation and mentorship.
Conduct security threat modeling for new and existing applications.
Evaluate, recommend, and implement security and governance tools.
Lead penetration testing and vulnerability assessments.
Act as a lead responder for security incidents, performing detailed analysis and forensic investigations.
优先资格
Production and security experience with video streaming and its data systems
Experience in securing applications running on consumer devices (e.g., Smart TVs, mobile apps) common in video Streaming platforms. This includes expertise in DRM integration, anti-tampering techniques, and device attestation
Experience contributing to open-source security tools or frameworks
Ability to speak and write in English in a professional environment
AWS Certified Security – Specialty or equivalent from Azure/GCP
AI 洞察
优缺点分析
优点
- Work on a high-traffic OTT platform with millions of daily users, solving challenging security problems at scale.
- Exposure to cutting-edge streaming tech, DRM, and consumer device security, enhancing your niche expertise.
- Company is publicly traded and part of a global giant, offering stability and resources for innovation.
- High level of responsibility for protecting critical content and user data, with potential on-call duties.
- Fast-paced environment requiring deep technical leadership and constant vigilance against evolving threats.
- Must stay current with latest security vulnerabilities and rapidly adapt defenses.
- Ideal for experienced security engineers who enjoy hands-on technical work, strategic influence, and securing modern streaming infrastructure.
缺点 / 挑战
暂无明显挑战项
角色解读
- Progress to Principal Security Engineer or Security Architect, leading organization-wide security strategy.
- Transition into Security Management (e.g., Head of Security) or specialize in streaming security.
- Gain cross-domain expertise in DevSecOps, threat intelligence, and security research.
- Design and implement security controls directly into streaming services and platforms.
- Lead threat modeling, penetration testing, and incident response for production systems.
- Develop automation tools and libraries to enforce security standards across CI/CD pipelines.
- Act as security subject matter expert for the OTT streaming business, collaborating with engineering teams.
- Deep expertise in cloud security (AWS/Azure/GCP) and secure coding practices.
- Strong hands-on experience with cryptography, authentication protocols, and network security.
- Proficiency in scripting (Python/Bash) and general-purpose language (Go/Node.js) for automation.
- Ability to communicate security risks effectively to both technical and non-technical stakeholders.
申请策略
- Research Coupang Play's content and technology stack to tailor your application.
- Prepare to discuss real-world security incidents you've handled and the impact of your solutions.
- Emphasize experience securing cloud-native microservices, including IAM, encryption, and network segmentation.
- Highlight specific contributions to security automation (e.g., custom tools, CI/CD integration) and incident response.
- Showcase any work with video streaming security (DRM, device attestation, anti-tampering) if applicable.
- Mention leadership in security initiatives, mentorship, and cross-team collaboration.
- Deepen knowledge of AWS security services (KMS, WAF, GuardDuty) and container security.
- Familiarize with open-source security tools (e.g., OWASP ZAP, Falco) and contribute to them.
面试指南
- Use the STAR method (Situation, Task, Action, Result) for behavioral questions.
- For technical questions, outline the problem, evaluate trade-offs, propose a solution, and discuss how you'd validate it.
- Show depth by referencing specific standards (e.g., OAuth2, SAML) or tools (e.g., Terraform, Vault).
- How would you design a secure authentication system for a microservices architecture?
- Describe a time you integrated security into a CI/CD pipeline. What tools did you use?
- How do you approach threat modeling for a new OTT streaming feature?
- Explain how you would secure a video streaming service against piracy and content theft.
- Walk us through a security incident you led, from detection to post-mortem.
匹配度报告
66
综合匹配度
Senior security role at a top streaming platform, offering strong skill development but demanding on-site presence and high responsibility.
适合人群
This role is best for a security engineer who prioritizes technical growth and cutting-edge work over work-life balance.
最强匹配
成长发展匹配
最弱匹配
工作生活匹配
薪资福利70
成长发展85
工作生活40
使命价值70
薪资福利匹配
70中等
Salary is market-competitive for senior security roles in Singapore, but exact figures are undisclosed. Coupang is a publicly traded multinational, likely offering strong base pay and RSUs, though no specific benefits are mentioned in the JD.
薪资信号未披露(AI估算:63K-95K/月)
成长发展匹配
85较高
The role provides extensive opportunities to work with modern cloud security, cryptography, and streaming tech. Mentorship and security leadership are emphasized, though no explicit promotion path is stated.
技术前沿主流现代技术
技术栈AWS、Azure、GCP、Cryptography、PKI、OAuth、CI/CD、Penetration Testing、Threat Modeling
成长机会mentorship
业务类型profit_center
工作生活匹配
40较低
Singapore-based role with unspecified work mode (likely on-site). No mention of remote work or WLB policies. The high responsibility and incident response suggest potential after-hours work.
工作模式未明确
办公地点海外(不适用)
加班情况未提及(无法判断)
使命价值匹配
70中等
Working for Coupang Play means contributing to a growing OTT platform that brings entertainment to millions. Security directly protects content and user trust, which carries a sense of purpose, though not a social mission.
行业发展高速增长赛道
社会影响中性/一般
创新程度积极采用新技术
Watch Jobs