SmartNews is a news app with 20 million monthly active users in the U.S. and Japan. We are a machine-learning company deeply committed to helping users find quality news beyond the filter bubble.
Our algorithms evaluate tens of millions of articles, behaviors and social interactions to deliver only the most interesting and important stories on a global scale — a fascinating engineering challenge that has attracted a world-class data science and engineering team.
Join our international culture — smart work, smart people and a global mission to bring quality information to the world. Our perks include offering you a free healthy lunch, delicious coffee provided by our in-house barista, and financial support towards language-learning.
Your ideas matter
We view engineering as a collaborative activity, where our engineers aren’t only responsible for implementation, but also helping to figure out what we should build. So rather than just executing on a fully formed spec, you’ll work directly with product managers to come up with the best solutions from both a technical and product perspective. Ideas for new features or improvements don’t only flow down from above either, and so as an engineer, you’ll be encouraged to propose your own ideas for our product as well.
Not too big, not too small
We’re small enough that you can have a big impact on our product, but big enough that we’re tackling interesting and challenging problems at scale. We still don’t have much bureaucracy, nor an excessive amount of interdependencies between teams, so it’s still possible to go from idea to launch in very little time. For example, we launched our COVID-19 dashboard just 48 hours after it was proposed by an engineer on Slack.
Work both with your engineering peers and cross-functionally
Most companies organize their teams either by grouping people of a similar skillset, or assigning them to cross functional teams. We do both! You’ll be part of a “pillar”, where you’ll work with other engineers with a similar skillset, letting you trade ideas and level up each other’s technical skills, and also a “squad”, where you’ll work with a diverse cross-functional team to directly contribute to business goals.
An international environment that doesn’t require Japanese
Over fifty percent of our engineers are non-Japanese, coming from over 15 different countries. Although we don’t have an official language, English is becoming the de-facto standard of the engineering team. When needed, we have a team of interpreters that can provide simultaneous translation at meetings. Of course, if you’re looking to learn or improve Japanese, there’ll be plenty of opportunities to do so, including through free language lessons.
We welcome people who are currently overseas but looking to relocate to Japan. We can provide visa support and help you get set up in Japan.
Our response to COVID-19
Our user base is increasing quickly due to people’s interest in news (COVID and non-COVID related), and so we’re still hiring. If you’re abroad looking to relocate to Japan, we’re still interested. If you’re based in China or the US, we can initially hire you with our local branches, and then transfer you here once your visa is processed. If you’re based in another location, we’ll bring you once we’ve helped you obtain a visa.
For our existing employees, in response to the situation, we’re having everyone work remotely for the time being.
One specific challenge we’ve noticed remote work creates is that it’s hard to have the kind of spontaneous conversations you might have when grabbing a coffee in an office environment. To encourage our employees to meet other employees they might not know, and also catch up with those they’ve worked with in the past, we have created a bot that on a weekly basis randomly assigns employees to a small group for a short casual chat.
Our hiring process
When you submit your application to SmartNews, it will be reviewed by our recruitment team, to make sure it is relevant to the position. When you pass this initial screening, you’ll then be sent out an online coding test. The results of this test and your resume will then be reviewed in more detail by one of our engineers. After you pass this secondary screening, you’ll be invited in for a round of interviews, covering both behavioral and technical topics. Once you’ve passed these interviews, we’ll make you an offer.
About the position
- Support “shift left” security by implementing third parties and building scripts to support modern security best practices into self-service tooling
- Work with engineering stakeholders to securely design products and fix security issues
- Create workflows and processes for the intake, triage, and resolution of security issues
- Execute proactive threat modeling and implement measures to strengthen the preventative controls of cloud infrastructure
- Work with both internal and external stakeholders to fix known vulnerabilities
- Coordinate our response procedures during active product security incidents
- Empower engineers by conducting regular developer security training
- Bring enthusiasm for working at a fast-paced startup
- Solid understanding of the most common web application security risks as listed by the CWE Top 25 and OWASP Top 10
- DevSecOps and pipeline security implementation experience (SAST/SCA/DAST/etc.)
- Microservice architecture experience, including K8 and Docker
- Application security hands-on experience (pentesting, bug bounties, etc)
- Ability to perform root cause analysis on past security incidents to recommend improvements
- Practical knowledge of AWS cloud services and structure
- English language fluency
Nice to haves
These aren’t required, but be sure to mention them in your application if you have them.
- Business-level or higher proficiency in Japanese and/or Chinese
- Program Management or Data Science experience
- Strong knowledge of the AWS suite of security-related services with a certification as an AWS Security Specialist
- Experience with the operation of cloud-based infrastructure and API security using services such as AWS EC2 security groups, AWS Web Application Firewall, or AWS Shield
- Past work experience with cloud-based security services like AWS Security Hub, Amazon GuardDuty, Amazon Inspector, Amazon Detective, or AWS Config
- Skills in infrastructure-as-code technologies, such as Terraform or CloudFormation
- Exploit development, Red Team, or reverse engineering experience