Design and build shared libraries, platform guardrails, and internal tools that make the secure path the easy path for engineers
Review architecture, technical designs, and production code for security issues in product and platform systems
Perform pragmatic threat modeling for new features, workflows, services, and integrations
Improve core security patterns across the stack, including authentication, authorization, secrets handling, secure logging/redaction, auditability, and sensitive-data protections
Build or improve developer-facing security automation in CI/CD and local workflows, including code scanning, dependency policy, secret detection, and infrastructure checks, with a bias toward low-noise, high-signal results
Work directly with engineers to remediate vulnerabilities in code and design, focusing on durable fixes and reusable patterns rather than one-off tickets
Help define and evolve a lightweight secure SDLC that fits a fast-moving startup environment
Contribute to incident analysis and postmortems when product or platform security issues arise
Write clear documentation, examples, and decision records that help teams build securely without unnecessary friction

Requirements

Strong software engineering background, ideally in backend or platform systems
Comfortable making meaningful contributions in a production codebase, not just scripts or proofs of concept
Experience with secure design reviews, threat modeling, code review, and vulnerability remediation
Strong understanding of common application and API security issues, including authentication, authorization, injection risks, secrets handling, session security, data exposure, and multi-tenant isolation
Experience building engineering-facing tooling, libraries, CLIs, CI/CD checks, or other developer-platform guardrails
Good technical judgment and a practical approach to reducing real risk without slowing the company down unnecessarily
Strong written communication and the ability to explain technical risk clearly to engineers and non-security stakeholders
Comfort operating with high autonomy in a small or medium-sized engineering organization
Preference for solving problems in code and architecture rather than by introducing heavyweight process

Benefits

Robust medical coverage (100% of employee + family premiums covered)
Vision & dental coverage
401(k)
HSA / FSA
Remote-first culture - work from wherever you do your best work
Flexible time off - we trust you to manage your time

Applicant Tracking System Keywords

Tip: use these terms in your resume and cover letter to boost ATS matches.

Hard Skills & Tools

secure design reviewsthreat modelingcode reviewvulnerability remediationauthenticationauthorizationsecrets handlingsecure loggingCI/CDdeveloper-facing tooling

Soft Skills

technical judgmentwritten communicationproblem-solvingautonomycollaboration