# Staff Security Engineer

**Company:** [Socket](https://hotfix.jobs/companies/socket)
**Location:** Remote
**Role:** Security Engineering
**Skills:** TypeScript, GCP, IAM, Vpcs, Appsec, Cloudsec, Opsec, SOC 2, ISO 27001, Incident Response
**Posted:** 2026-03-24

> Owns end-to-end security including application, cloud infrastructure, operational security, incident response, and compliance at a growth-stage security company. Ships production TypeScript, builds tooling, and drives security roadmap while fostering engineering culture.

## Job Description

## Responsibilities
- Improve Socket's security posture: own application security, cloud infrastructure hardening, operational security, and IT security.
- Write code and build tooling to make the secure path the default for engineers.
- Roll out identity and access controls, close gaps across the stack, and continuously reduce risk.
- Assess, prioritize, and drive the security roadmap; balance quick wins with longer-term improvements.
- Run incident response and external security operations: build 24/7 process, triage vulnerability reports, manage pentests, coordinate fixes.
- Maintain SOC 2 compliance and drive new certifications (e.g., ISO 27001).
- Raise security awareness: train engineers, run phishing simulations, build trust with teams.

## Requirements
- Owned security broadly at a growth-stage company or strong software engineer moving into full security ownership.
- Ship production **TypeScript**.
- Breadth across security domains (**AppSec**, **CloudSec**, **OpSec**) with fast learning.
- Fluent in cloud infrastructure (**GCP**): VPCs, IAM, secret management, networking.
- Self-directed operator who executes across fronts without direction.

## Nice-to-Haves
- Communication and teaching skills to foster security culture.

## Benefits
- Market competitive salary bands.
- Meaningful equity program.
- Comprehensive health benefits.
- Flexible time-off, holidays, winter shutdown.
- Paid parental leave.
- Remote-first with quarterly off-sites.

## Similar roles

- [Senior Staff Security Engineer, Vulnerability Management](https://hotfix.jobs/jobs/48bab836-a257-4a63-898d-d884ea8db229) - Zocdoc - Remote - $200k – $290k/yr
- [Staff Software Engineer](https://hotfix.jobs/jobs/bda1fbe8-25da-4d58-8699-ce547f7bdf6e) - Plaid - New York, NY - $222k – $328k/yr
- [Staff+ Application Security Engineer](https://hotfix.jobs/jobs/176eddbe-ab46-4c6b-b459-b97404661b42) - Anthropic - San Francisco, CA - $320k – $485k/yr
- [Staff Security Risk & Compliance Program Manager](https://hotfix.jobs/jobs/69a879b7-e372-4ca2-a954-f0c78526aa69) - Confluent - Remote - $222k – $261k/yr
- [Senior/Staff Infrastructure Security Engineer](https://hotfix.jobs/jobs/b10a4e47-d210-46ca-8e32-a9d8992f41f8) - Abridge - Remote - $214k – $252k/yr

**Apply:** https://hotfix.jobs/jobs/b1eb9da8-60ee-4654-a193-cd16c2bbf766
**Canonical:** https://hotfix.jobs/jobs/b1eb9da8-60ee-4654-a193-cd16c2bbf766