Job Description

Our mission at Duolingo is to develop the best education in the world and make it universally available. It’s a big mission, and that’s where you come in!

At Duolingo, you’ll join a team that cares about finding innovative solutions to complex technical problems, running countless experiments (300+ at a time!) with our massive user base to make data-driven decisions, and educating our users and employees alike. You’ll have limitless learning opportunities, mentorship and collaboration with world-class minds, and a variety of projects with large scopes — while doing work that’s both fun and meaningful.

Join our life-changing mission to develop education for our half a billion (and growing!) learners around the world.

About The Role

We are looking for a Head of Security to own the growth of our Security Program as we continue to scale to more courses and regions. This is an opportunity to shape how security integrates with the way we operate as a company and how our product is built.

As Duolingo's Head of Security, you will lead a high-leverage organization spanning Platform Security, Compliance, and Corporate IT. You’ll set strategy, coach both managers and individual contributors, and be responsible for engineering performance and execution.

You will also partner with Engineering, Legal, Audit, and Workplace to protect learner data, enable developer velocity, and keep a public company’s disclosures and controls buttoned up.

You will...

• Develop engineers and managers on the team and help them grow in their careers by supporting them in defining strategic goals, planning tasks and reviewing code.
• Work with other engineers and leaders across the company to identify and catalog risks, and ensure issues are addressed in timely manner.
• Design and implement systems and processes that improve our security posture.
• Partner with external consultants and vendors on integrating security tooling into our products.
  
  

Requirements...

• Track record owning incident response, detection/response, and risk management; ability to translate risk to business tradeoffs.
• Prior responsibility for endpoint management/MDM, identity/SSO/MFA, fleet security, SaaS administration, and helpdesk
• Modern application security leadership and mobile-app security experience
• Cloud security (AWS/GCP), identity/IAM, secrets management, and IaC controls experience
• Familiarity with one or more national and/or international regulations such as GDPR, ISO, and SOX.
  
  

Exceptional candidates will have...

• Extensive experience in fast-growing, consumer-facing, data-driven startups, ideally mobile app based.
• A Bachelor’s degree in Computer Science or related technical field.
• Experience securing a large infrastructure deployment on AWS or Google Cloud.
• Established security champions programs and developer self-service guardrails (policy-as-code, paved roads).
• Run a successful bug bounty; prior work with HackerOne/Bugcrowd
  
  

We post a multi-level salary range for all of our roles.

This is not inclusive of the rest of our awesome portfolio that includes equity compensation and world-class benefits. Our salary ranges are the same for all US locations. Your recruiter can share more details about the range for a specific level during the hiring process. The actual salary within the range is determined by many factors including but not limited to, skills, experience, education, and internal equity.

Salary Range

$240,000—$432,000 USD

Take a peek at how we care for our employees' holistic well-being with our benefits here.

We will do everything we can within reason to make sure that your interview takes place in an environment that fairly and accurately assesses your skills. If you need assistance or accommodation, please contact accommodations@duolingo.com.

Duolingo is proud to be an Equal Employment Opportunity employer. We do not discriminate based upon race, religion, color, national origin, gender (including pregnancy, childbirth, or related medical conditions), sexual orientation, gender identity, gender expression, age, status as a protected veteran, status as an individual with a disability, or other applicable legally protected characteristics.

By applying for this position your data will be processed as per the Duolingo Applicant Privacy Notice.

Sign up for job alerts here.

Job Tags

Full time,

Similar Jobs