Lead Security Engineer (Remote)

What You’ll Be Doing:

• Serving as an engineering leader and expert on security
• Define and implement the security roadmap, ensuring compliance with company requirements and industry standards
• Drive automation and toolchain improvements to enhance security processes
• Collaborate across teams (Engineering/IT/Compliance) to maintain alignment on security policies, workflows, and service level agreements
• Integrate security into development workflows and infrastructure using automation, infrastructure-as-code, and cloud security scanning techniques
• Act as a hands-on leader in security tool integration, ensuring seamless integration into CI pipelines and deployment systems

Requirements:

• 10+ years of experience leading cybersecurity or corporate security programs, with a focus on securing large-scale web/cloud applications and infrastructure
• Expertise in security infrastructure, including SIEM, firewalls, intrusion detection, identity and access management, and vulnerability management
• Familiarity with various software development life cycles and product security programs
• Proven experience in managing security incidents, including root cause analysis, executive briefings, and communication strategies
• Experience leading bug bounty programs, penetration testing, and triaging security findings
• Strong cross-functional collaboration skills with internal teams (business, engineering) and external incident response teams
• In-depth knowledge of security compliance requirements, such as GDPR, and guiding organizations through compliance processes
• Hands-on experience with Infrastructure-as-Code frameworks (e.g., Terraform) and automating security tools and processes (e.g., using Bash, Python)
• Humility, empathy and open-mindedness - no egos
• Believe that strong teams are built on trust and autonomy
• Passion for the outdoors 

Bonus Points:

• Proficient with Github and integration of security tools into the CI/CD pipeline
• Experience with infrastructure automation and how to enforce secure configurations in cloud infrastructure
• Hands-on AWS and terraform experience

Technologies We Use:

• AWS, GCP, Terraform, Kubernetes
• Ruby, Python, Javascript/Typescript
• MySQL Databases
• Github Actions, BugCrowd, Jira

Our Commitment to You:

• A competitive and equitable compensation plan. This is a full-time, salaried position that includes equity.
• Physical & mental well-being: health, dental and vision benefits + monthly stipend for wellness expenses.
• Trail Days: No meetings first Friday of each month to go test the app and explore new trails!
• Unlimited PTO.
• Flexible parental leave. 
• Remote employee equipment stipend to create a great remote work environment. 
• Annual continuing education stipend. 
• Discounts on subscription and merchandise for you and your friends & family.
• An authentic investment in you as a human being and your career as a professional.