Our mission at Duolingo is to develop the best education in the world and make it universally available. But we’ve got more left to do — and that's where you come in!

Duolingo is the most popular language-learning application in the world, with over 500 million users and over half a billion exercises completed daily. Beyond our core learning product, we have also entered into literacy with Duolingo ABC, English proficiency testing with the Duolingo English Test, and even Math.

We are passionate about educating our users, making fact-based decisions, and finding innovative solutions to complex problems. We offer meaningful work, limitless learning opportunities, and collaboration with world-class minds. Come brighten your life and over half a billion more!

Join Duolingo as a Security Engineer and play a pivotal role in safeguarding our systems, employees, learner data, and services across our rapidly-growing language learning platform. With over 650 employees and 21 million daily active users, your expertise will be critical in maintaining the highest security standards, while continuously enhancing our infrastructure security and ensuring compliance.

You Will...

• Design and develop scalable monitoring and response systems for security alerts to proactively mitigate risks
• Continuously evaluate Duolingo's security posture, anticipating future threats and devising appropriate countermeasures
• Collaborate with development teams to conduct threat modeling, identify risks, and provide guidance on mitigations
• Be a partner to our security champions, organizing and growing the program across Duolingo to ensure the efficient distribution of security knowledge
• Implement dependency checks for open-source software within applications
• Participate in regular product security tabletops with organizational partners
• Work on deploying early alerting systems throughout our environment and the responsive automations that trigger when they alert
• Develop a continuous verification and testing system for security controls and critical features
• Work with our partners in finance to ensure we maintain compliance with our regulatory obligations
• Collaborate with IT to improve the security of our offboarding processes by introducing automation and well documented procedures

You Have...

• Experience deploying, managing, and troubleshooting security scanning tools in the CI/CD pipeline
• Familiarity with Linux system administration, automation, and Python programming
• A desire to learn more about security and develop the foundational building blocks of the program
• Strong collaboration, emotional intelligence, and communication skills

Requirements:

• A Bachelor’s degree in Computer Science or related technical field
• Proven experience developing and maintaining microservices
• 2-3 years hands on experience in Terraform and AWS
• 2+ years working on collaborative development teams
• Experience in product, application, or cloud security
• Willingness to work in both backend engineering and operational engineering dependent on the needs of the organization

Exceptional Candidates Will Have...

• Familiarity with containerization runtimes (Docker, rkt)
• Experience securing a large infrastructure on AWS
• Threat modeling experience across various architectures and understand how to align those with business goals
• Demonstrable experience in designing and managing multi-account cloud environments
• Experience communicating sophisticated technical requirements to audiences of variable technical sophistication
• Experience working in Terraform, developing modules and creating secure by default configurations
• Familiarity with security scanning tools such as SemGrep, Nuclei, Trufflehog, and Checkov

We will do everything we can within reason to make sure that your interview takes place in an environment that fairly and accurately assesses your skills. If you need assistance or accommodation, please contact your recruiter.

Take a peek at how we care for our employees' holistic well-being with our benefits here.

Duolingo is proud to be an Equal Employment Opportunity employer. We do not discriminate based upon race, religion, color, national origin, gender (including pregnancy, childbirth, or related medical conditions), sexual orientation, gender identity, gender expression, age, status as a protected veteran, status as an individual with a disability, or other applicable legally protected characteristics.

By applying for this position your data will be processed as per the Duolingo Applicant Privacy Notice.