Platform Security Engineer
Role details
Job location
Tech stack
Job description
We are hiring a Platform Security Engineer to own the security of how we build and ship software: the product and its AI systems, the cloud it runs on, and the supply chain and CI/CD that get it there. This is a hands-on engineering role, not an advisory one. You'll work alongside our platform engineer and partner directly with product and platform engineering to design security in early and build the guardrails that make secure the default. Security is core to the product and the company, and we are engineering-led: we buy managed protection where it makes sense and spend headcount on engineers who automate and extend the stack. You'll be one of the first hires on this team, owning a domain rather than a slice of someone else's., * Run security design reviews, threat models, and code reviews for new features and AI/agentic systems, designing out vulnerability classes rather than chasing them one at a time
- Help scope and act on penetration tests against the product
- Design and build security controls for our AWS and Kubernetes (EKS) environment, including IaC guardrails (e.g., Terraform), secrets management (e.g., HashiCorp Vault), and tooling to detect and prevent cloud misconfiguration
- Harden the path from commit to production, including source and pipeline security (e.g., GitHub Enterprise, Actions and self-hosted runners) and the artifact and build chain
- Build security tooling and workflows that integrate into the IDE and pipeline so engineers make secure decisions quickly
- Stand up and run dependency and SCA controls and a dependency firewall (e.g., Socket, Snyk) and artifact management (e.g., JFrog Artifactory)
- Drive SBOM, code signing, and admission control (e.g., Cosign, Kyverno)
- Drive secure-development practices and AI-assisted-development governance across engineering
- Participate in the shared incident-response and on-call rotation as an incident handler, with leadership-level incident command for major incidents
Requirements
- 5+ years in product/application security or security-focused software engineering
- Proficiency in at least one general-purpose language (e.g., Python, Go, TypeScript) and a real build-vs-buy mindset
- Hands-on experience securing modern cloud environments (AWS) and containerized/microservice architectures (Kubernetes)
- Working knowledge of SDLC security: threat modeling, code review, and CI/CD pipeline security
- Ability to translate security requirements into developer-friendly workflows and influence engineering teams you don't own, * Experience securing AI/ML systems, LLM applications, or agentic AI
- IaC security (Terraform, CDK, CloudFormation) and security automation
- Supply-chain security depth (SLSA, sigstore/Cosign, dependency firewalls)
- Bug bounty or offensive-security experience
Benefits & conditions
- A high-performance culture
- State-of-the-art technology
- Experience world-class leadership
- Scale of impact and purpose
- A competitive salary and a huge growth trajectory
- Work with the best in the industry
- Flexible work environment
- Diversity and creativity