Staff Security Engineer

At Linear, we are on a mission to bring magic back to software. To empower product teams to do their best work, we are building an issue tracking and project management tool that combines UI elegance with world-class performance. Founded in 2019, Linear has become the tool of choice for 10,000+ companies to plan and build their products.

Linear was set up as a fully remote company from the start. Today, our small but mighty team is distributed across North America and Europe. What unites us is relentless focus, fast execution, and our passion for software craftsmanship. We are all makers at heart and care deeply about the quality of our work.

We're looking for a Security Engineer with a strong InfraSec background who will lead and own security initiatives across the company. The right candidate has a builder mentality and pragmatic approach to proactively improving our security posture. You can expect close collaboration with our infrastructure team, product, and customers as you lay the groundwork for the function.

Please note: We are an equal opportunity employer and remote-only company. At this time, we can support hiring within the US and most EU time zones.

What you'll do

• Own application and infra security (GCP, k8s), and drive improvements to our overall security posture and practices

• Define and drive the product security vision, strategies, and best practices across product and infrastructure teams

• Help build best-in-class security controls for Linear’s product

• Manage pentesting and other security and compliance related partners

• Work closely with go-to-market teams to communicate our security posture to customers

• Assess and improve the security posture of supporting infrastructure and third-party integrations

• Coordinate security incident response efforts, conduct root cause analyses, and coordinate remediation across teams

• Collaborate with operations on SOC2 compliance and vendor security audits

Requirements

• 5+ years of experience in application and infrastructure security

• Startup experience

• Strong communication skills and ability to interact with customers

• Deep understanding of threat modeling, risk management, and vulnerability assessment methodologies

• Strong AWS or GCP (preferred) experience

• Experience with secure API development, infrastructure security, and addressing emerging security challenges

• Background in Javascript/Typescript and Node.js, and familiarity with secure coding practices

• Hands-on experience with security tools and experience integrating automated security testing into CI/CD pipelines

What we offer

• Interesting and challenging work

• Work-life balance

• Competitive salary and equity

• Employee-friendly equity terms (early exercise, extended exercise)

• Paid lunch and coffee during workdays

• Work remotely, no commuting to the office

• Paid co-working space/desk at an office

• Health, dental, and vision insurance (US)

• Regular team events and off-sites

• 5 weeks of paid vacation

• 4 months of paid parental leave

Learn how we think and work

• A story about our mission: Read Me

• The technology behind our realtime sync engine from a talk by our cofounder Tuomas

• Scatter Brain chat with our CEO, Karri Saarinen: A better way to build Software