Skip to content
CodeRabbitCodeRabbitSan Francisco, CA

Lead Security Engineer

Leads security engineering by owning the security roadmap, implementing defense-in-depth tactics like threat modeling and secure CI/CD, and spearheading incident response. Requires 8+ years in security engineering with expertise in cloud security and developer workflows.

Salary not listed
Hybrid8+ YOESecurity Engineering

About the role

Responsibilities

  • Own the security roadmap — craft and execute a strategic security engineering plan that aligns with CodeRabbit’s fast-paced engineering cadence.
  • Boost resilience — champion defense-in-depth tactics: threat modeling, secure design reviews, hardening, CI/CD integration.
  • Be Incident Commander — spearhead security incident response and recovery: triage, resolve, root cause, and turn those learnings into stronger systems.
  • Tools & automation — build or integrate security tooling (SAST, DAST, SIEM, EDR, monitoring) into the developer workflow without slowing delivery.
  • Embed security fluently — partner with engineering and product teams to bring secure practices early into planning and daily workflows.
  • Talent & culture — help to hire, coach, and mentor a scrappy, resilient security engineering team; elevate security awareness across the company.
  • Compliance & policy — establish security standards, frameworks, or processes that evolve as we scale—but remain lean and developer-friendly.

Qualifications

  • Battle-tested experience: 8+ years in security engineering, incident response, or correlated fields—bonus if you've led through a major production breach or targeted attack.
  • Technical depth: Extensive experience with security across software and infrastructure—threat modeling, pen testing, secure CI/CD pipelines, cloud security, incident response.
  • Strategic mindset: Ability to translate risk into actionables, communicate trade-offs with engineering/product leadership.
  • Praxis over theory: You’ve taken production systems down (intentionally or unintentionally) and built them back stronger.
  • Security in chaos: Experience in pressure situations—with clarity, direction, and calm.
  • Developer-centric approach: You can speak fluent dev-tools, empathize with fast-moving teams, and secure them without slowing them down.

Bonus Points

  • You’ve implemented DevSecOps tooling and orchestrated shift-left security in developer pipelines.
  • You’ve recovered from (or prevented) a critical security event, and turned that into an engineering culture improvement.
  • Experience in a dev-tools, SDK, or platform-heavy company.
  • Hacker mindset + operational discipline - pentests, disaster recovery, threat hunting, tooling, cloud environments.
  • Certifications like CISSP, CISM, CEH, or relevant cloud security certs.

Skills

Threat ModelingPen TestingCI/CDCloud SecurityIncident ResponseSASTDASTSIEMEdrDevSecOps
Zoox

Network Security Engineer

ZooxFoster City, CA

Network Security Engineer designing, implementing, and operating secure hybrid/multi-cloud network architectures, next-gen firewalls, ZTNA/VPN, and automation (Terraform/Python) across enterprise, OT, and cloud environments (AWS/GCP). Requires 6+ years experience in network security, firewalls, cloud security, IaC, and compliance (NIST, ISO).

181k – 218k/yr
Hybrid6+ YOESecurity Engineering
Snowflake

Senior Software Engineer

SnowflakeBellevue, WA +1

Senior Software Engineer building Snowflake's core identity, access management, and AI-native security infrastructure for the Data Cloud. Design secure agent workflows, IAM systems, encryption, and policy enforcement tooling at massive scale.

200k – 288k/yr
Hybrid5+ YOESecurity Engineering
Anthropic

Software Security Engineering Manager, Secure Frameworks

AnthropicSan Francisco, CA +1

Lead the Secure Frameworks Research team at Anthropic to build high-leverage security libraries and frameworks (cryptographic, serialization, authorization) that prevent vulnerabilities in AI model development. Manage engineers, drive adoption across teams, and balance security rigor with development velocity; requires 5+ years security/software engineering and 3+ years managing security teams.

405k – 485k/yr
Hybrid8+ YOESecurity Engineering
Forus

Founding Security Engineer

ForusNew York, NY

Founding Security Engineer owning cloud (AWS/GCP), product, AI data, detection/response, and compliance (HIPAA/SOC 2) for a healthcare AI platform handling PHI at scale. Requires 7+ years security engineering on strong SWE foundation, hands-on IaC, and multi-domain expertise.

Salary not listed
On-site7+ YOESecurity Engineering
Flexport

Manager, Supply Chain Protection & Loss Intelligence

FlexportMiami, FL

Manager responsible for global supply chain protection, loss prevention, and physical security programs at Flexport. Oversees 50+ security officers, electronic systems (CCTV/access control), data-driven investigations, policy/SOP authoring, and new facility stand-up across offices and fulfillment centers.

Salary not listed
On-site8+ YOESecurity Engineering