NetBox Labs

Senior Security Engineer

full-time

Location Type: Remote

Location: Remote • 🇺🇸 United States

Salary

💰 $180,000 - $190,000 per year

Job Level

Senior

Tech Stack

AWS, Cloud, Go, Google Cloud Platform, Python, Splunk, Terraform

About the role

  • Enable and guide teams to adopt DevSecOps practices, ensuring security is built into CI/CD and infrastructure pipelines through shared standards, tooling, and best practices.
  • Work with IT Manager on company identity and access management: IdP configuration, user/group organization, and automation via cross-platform synchronization and SAML.
  • Administer and automate GitHub Enterprise and JFrog management (users, teams, org policies, and compliance) using IaC.
  • Operate and tune SIEM, DLP, and centralized logging systems; define and maintain detection and alerting rules.
  • Review audit logs and security telemetry across cloud, SaaS, and developer systems for anomalies and compliance issues.
  • Work with IT Manager to build automated onboarding/offboarding and access reviews aligned with least-privilege principles.
  • Collaborate with platform, product, and engineering teams to design secure-by-default workflows, infrastructure, and deployment practices, ensuring consistent security controls across products.
  • Conduct risk assessments, tabletop exercises, and threat simulations in concert with engineering and operations teams, ensuring security readiness is collaborative and integrated.
  • Lead and coordinate penetration testing efforts, including scoping, vendor engagement, and remediation tracking.
  • Support SOC 2 and related compliance efforts through control validation and evidence collection.
  • Help respond to and complete customer and vendor security questionnaires, collaborating with compliance and engineering teams to ensure accurate and timely answers.

Requirements

  • 5+ years in security, IT, DevSecOps, or platform engineering roles.
  • Deep understanding of identity management, SSO, and federation (Google Workspace, Okta, Auth0, OIDC/SAML).
  • Experience managing and automating users, groups, org policies, and compliance controls on systems like AWS, GCP, GitHub Enterprise, and JFrog.
  • Experience implementing and improving software supply chain security, including integrating security into CI/CD pipelines (e.g., GitHub Actions).
  • Experience managing SIEM/DLP platforms (e.g., Datadog, Splunk) and writing detection rules.
  • Strong automation skills (Python, Go) and proficiency with infrastructure-as-code (Terraform).
  • Familiarity with SOC 2 and security frameworks (NIST, CIS, OWASP).
  • Excellent communication and documentation skills.

Benefits

  • Offers Equity
  • Offers Bonus

Applicant Tracking System Keywords

Hard skills

DevSecOps, identity management, SSO, federation, automation, infrastructure-as-code, Python, Go, Terraform, detection rules

Soft skills

communication, documentation, collaboration, leadership

Certifications

SOC 2, NIST, CIS, OWASP