# Security Engineer

**Company:** [Sourcegraph](https://hotfix.jobs/companies/sourcegraph)
**Location:** Remote
**Role:** Security Engineering
**Salary:** $72k – $144k/yr
**Experience:** 5+ years
**Skills:** Go, Elastic Stack, GCP, SIEM, Terraform, Kubernetes, TypeScript, SOC 2, ISO 27001, GDPR
**Posted:** 2026-06-08

> Security Engineer focused on security operations, incident response, monitoring/alerting, and securing SaaS applications and infrastructure. Requires Go experience, Elastic Stack, GCP, and on-call rotation participation.

## Job Description

## Responsibilities
- Build world-class security into product offerings through security operations
- Maintain and improve monitoring and alerting stack
- Participate in on-call rotations and respond to security incidents
- Conduct application security testing and manage bug bounty programs
- Perform security reviews for application and infrastructure security
- Proactively improve security of codebase, product, cloud, and customers' on-premise deployments
- Discover, fix, and mitigate infrastructure vulnerabilities by updating libraries, base images, and analyzing containers
- Maintain internal systems and automations for alert triaging
- Triage, troubleshoot, and mitigate customer security concerns
- Enhance application security through audits, best practices, code fixes, and continuous education
- Perform reactive incident response during security events
- Conduct proactive research to detect new attack vectors
- Perform threat modeling for existing and future applications
- Assess and integrate new tools and technologies to improve operational efficiencies
- Help maintain compliance with SOC 2, ISO 27001, and GDPR standards

## Requirements
- Practical experience reviewing SIEM alerts and participating in on-call rotations
- Practical experience securing SaaS applications as a security generalist, including infrastructure security, application security, and/or compliance
- Experience with Go, including writing and maintaining internal tooling along with code reviews
- Experience with Elastic stack and GCP
- Experience using and automating a wide range of defensive security tools
- Experience working across engineering teams to secure projects across the organization
- High agency and effective written communication and documentation skills

## Nice to Haves
- Experience developing software as an engineer (writing code and contributing directly to applications)
- Experience working in a startup environment
- Experience with TypeScript and Terraform
- Experience with Kubernetes
- Experience securing AI products

## Similar roles

- [Security Program Manager](https://hotfix.jobs/jobs/cc6ab668-1e76-49cc-b532-e9c24ed63227) - Oneleet - Remote - $75k – $140k/yr
- [GRC Program Manager](https://hotfix.jobs/jobs/5b121fcc-25d9-471c-a57f-273f2ea2942b) - Astra - Remote - $95k – $135k/yr
- [Compliance Analyst](https://hotfix.jobs/jobs/b1657e99-edcc-41eb-b820-8b3e05df4e67) - Harvey - San Francisco, CA - $99k – $149k/yr
- [Application Security Engineer](https://hotfix.jobs/jobs/d240253e-6098-4419-8f04-aaf793f42c03) - Zocdoc - Remote - $100k – $140k/yr
- [Security Engineer, Application Security](https://hotfix.jobs/jobs/18d79ceb-6c9b-4ecf-819a-fcd37324835f) - Trail of Bits - Remote - $100k – $200k/yr

**Apply:** https://hotfix.jobs/jobs/ceb8001f-2a82-4065-881a-a179d4ae65b9
**Canonical:** https://hotfix.jobs/jobs/ceb8001f-2a82-4065-881a-a179d4ae65b9