Lead Security Engineer at CodeRabbit creating high-performance human-machine collaboration tools. Leading security engineering, incident response, and building resilient infrastructure.
Responsibilities
Own the security roadmap — craft and execute a strategic security engineering plan that aligns with CodeRabbit’s fast-paced engineering cadence.
Be Incident Commander — spearhead security incident response and recovery: triage, resolve, root cause, and turn those learnings into stronger systems.
Tools & automation — build or integrate security tooling (SAST, DAST, SIEM, EDR, monitoring) into the developer workflow without slowing delivery.
Embed security fluently — partner with engineering and product teams to bring secure practices early into planning and daily workflows.
Talent & culture — help to hire, coach, and mentor a scrappy, resilient security engineering team; elevate security awareness across the company.
Compliance & policy — establish security standards, frameworks, or processes that evolve as we scale—but remain lean and developer-friendly.
Requirements
Battle-tested experience: 8+ years in security engineering, incident response, or related fields—bonus if you've led through a major production breach or targeted attack.
Technical depth: Extensive experience with security across software and infrastructure—threat modeling, pen testing, secure CI/CD pipelines, cloud security, incident response.
Strategic mindset: Ability to translate risk into actionable steps and communicate trade‑offs with engineering/product leadership.
Praxis over theory: You’ve taken production systems down (intentionally or unintentionally) and built them back stronger.
Security in chaos: Experience in pressure situations—with clarity, direction, and calm.
Developer‑centric approach: You can speak fluent dev-tools, empathize with fast-moving teams, and secure them without slowing them down.
Benefits
Compensation That Reflects Responsibility: We deliver a competitive package—salary, equity, and benefits—to match the importance and intensity of this role.
Hybrid Culture That Adapts to You: We collaborate in person in the Bay Area every week, but leave room for remote heads-down focus. It’s security, not surveillance.
Infrastructure Security Engineer responsible for integrating security into infrastructure workflows and automating security measures. Collaborating with SRE teams to maintain a secure infrastructure posture.
Security Software Engineer supporting software development teams in security lifecycle processes. Creating security concepts and assisting in web application security topics with a modern tech stack.
Intern or apprentice at PCtronics gaining exposure in IT operations, cybersecurity, and automation. Support client onboarding and documentation within a managed IT environment.
Specialist in product security for TIAA focused on maintaining security throughout product lifecycles. Engaging in product development, vulnerability analysis, and team collaboration.
Cyber Security Engineer designing and developing cybersecurity tools and solutions for ADI Global Distribution. Role involves secure software development and cloud engineering to ensure cybersecurity integrity.
Cyber Security Engineer focusing on secure software development and cybersecurity solutions for ADI Global Distribution. Engaging with an international team to enhance software integrity and security practices.
Head of IT, Security & Compliance ensuring the IT infrastructure and compliance at CameraMatics. Leading security initiatives and regulatory obligations in a hybrid work setting.
Security Officer conducting interior and exterior patrols to ensure safety and monitor access in data centers. Collaborating with clients and performing various security duties.
Managing Director for Security and Resilience at Edison Electric Institute overseeing security and resilience operations for the electric power system. Leading a team of experts in national security and regulatory processes.
Head of AI Security at Absa developing security frameworks for AI systems. Responsible for safeguarding AI platforms against cybersecurity threats and ensuring secure development practices.