
Lead Security Engineer
CodeRabbit
full-time
Location Type: Hybrid
Location: Bay Area • California • United States
About the role
- Own the security roadmap — craft and execute a strategic security engineering plan that aligns with CodeRabbit’s fast-paced engineering cadence.
- Boost resilience — champion defense-in-depth tactics: threat modeling, secure design reviews, hardening, CI/CD integration.
- Be Incident Commander — spearhead security incident response and recovery: triage, resolve, root cause, and turn those learnings into stronger systems.
- Tools & automation — build or integrate security tooling (SAST, DAST, SIEM, EDR, monitoring) into the developer workflow without slowing delivery.
- Embed security fluently — partner with engineering and product teams to bring secure practices early into planning and daily workflows.
- Talent & culture — help to hire, coach, and mentor a scrappy, resilient security engineering team; elevate security awareness across the company.
- Compliance & policy — establish security standards, frameworks, or processes that evolve as we scale—but remain lean and developer-friendly.
Requirements
- Battle-tested experience: 8+ years in security engineering, incident response, or related fields—bonus if you've led through a major production breach or targeted attack.
- Technical depth: Extensive experience with security across software and infrastructure—threat modeling, pen testing, secure CI/CD pipelines, cloud security, incident response.
- Strategic mindset: Ability to translate risk into actionable steps and communicate trade‑offs to engineering and product leadership.
- Praxis over theory: You’ve taken production systems down (intentionally or unintentionally) and built them back stronger.
- Security in chaos: Experience operating in high-pressure situations with clarity, direction, and calm.
- Developer‑centric approach: You can speak fluent dev-tools, empathize with fast-moving teams, and secure them without slowing them down.
Benefits
- Compensation That Reflects Responsibility: We deliver a competitive package—salary, equity, and benefits—to match the importance and intensity of this role.
- Hybrid Culture That Adapts to You: We collaborate in person in the Bay Area every week, but leave room for remote heads-down focus. It’s security, not surveillance.
Applicant Tracking System Keywords
Hard skills
security engineering, incident response, threat modeling, secure design reviews, hardening, CI/CD integration, SAST, DAST, SIEM, EDR
Soft skills
strategic mindset, communication, leadership, mentoring, resilience, clarity, direction, empathy