We are looking for a Staff Security Engineer to play a key technical role in the evolution of our Platform Security discipline.
This role is for someone who operates well in complex, ambiguous, and systemic problems and can solve them through engineering. You will work closely with SRE, Data, AI, and Software Engineering teams, turning security risks and requirements into real platform capabilities that can be adopted at scale across multiple teams and products.
We are looking for someone with strong technical depth, autonomy, excellent judgment, and a proven track record of building durable solutions to structural security problems. More than operating existing controls, we expect someone who can define standards, build platform-native mechanisms, and consistently raise the security maturity bar across engineering.
Key Responsibilities
Security Strategy and Architecture
Define and refine the platform’s security strategy, aligning it with business objectives and compliance requirements.
Design and lead the practical implementation of resilient security architectures for critical systems in cloud-native environments.
Establish security engineering standards through code, particularly for infrastructure as code (Terraform), containers, CI/CD pipelines, gates, and guardrails.
Conduct threat modeling and security design reviews for systems and new platform features.
Development and Automation
Develop and maintain security platforms, automation tools, libraries, and reusable internal frameworks for the entire organization.
Integrate security throughout the entire development cycle (shift-left and Security by Default), implementing secure CI/CD pipelines with automated testing (SAST, DAST, SCA) and remediation tools.
Use technologies such as Terraform, Go, and Python to enhance security maturity by developing and deploying tools and platforms, effectively and scalably ensuring multi-layered security (software development, applications, and infrastructure).
Operations, Governance, and Technical Leadership
Act as a technical security expert for the engineering teams, mentoring other engineers on secure development practices and DevSecOps.
Actively participate in incident response and security post-mortems.
Collaborate with SRE, Software Engineering, and Product teams to influence architectural decisions, taking into account the trade-offs between security, performance, and usability.