Staff Software Engineer - IAM
Leads development of IAM and security systems at scale to protect customer data on Databricks platform. Requires 7+ years in data security, 10+ years in distributed systems, and MS/PhD.
Staff Security Engineer, DevSecOps (Corporate Security)
Leads DevSecOps function to secure developer environments, GitHub Enterprise, CI/CD pipelines, software supply chains, and AI-assisted development at scale. Requires 8+ years experience, deep GitHub expertise, and scripting skills to set engineering-wide standards without hindering velocity.
192k – 278kUnited StatesSecurity EngineeringRemote8+ YOE
About the role
Responsibilities
- Own the DevSecOps function: set technical direction, define operating model, drive developer security program.
- Own GitHub and CI/CD security: harden GitHub Enterprise, implement governance, repository standards, Actions security, audit visibility.
- Define AI-assisted development security: build guardrails, governance standards for AI coding tools and agentic workflows.
- Harden software supply chain: improve dependency hygiene, secret management, token governance, secure package consumption.
- Set standards engineering teams use: build secure templates, baseline configurations, developer-friendly guardrails.
- Partner with Platform Engineering: embed security in developer tooling and platform infrastructure.
- Elevate team: mentor engineers, distribute ownership, contribute to hiring.
- Support operations: participate in on-call rotations, contribute to investigations.
Requirements
- Minimum 8+ years in security engineering, DevSecOps, platform security, securing developer environments, CI/CD, software supply chains.
- Deep expertise in GitHub Enterprise security: branch protections, secret scanning, access controls, repository standards, Actions security, audit logging.
- Design/implement CI/CD security controls without degrading developer velocity; experience with GitHub Actions.
- Software supply chain security: dependency hygiene (npm, pip), token/secret management, secure packages, SBOM generation.
- Experience with AI-assisted development security (Copilot, Cursor, Claude Code), policy/technical controls.
- Architectural decisions spanning teams; scalable, reusable security controls.
- Scripting/automation: Python, Bash, Terraform.
- Build alignment with engineering stakeholders, influence standards without authority.
- Track record of mentorship, documentation, growth opportunities.
- Experience with on-call rotations, investigations (developer tooling, source control, credentials).
Compensation (USA)
- Base salary: $192,000 - $278,000 USD
- Benefits: health, dental, 401k, PTO, equity, incentives
Compensation (Canada)
- Base salary: $167,000 - $242,000 CAD
- Benefits: health, dental, RRSP, PTO, equity
Skills
Github EnterpriseGitHub ActionsCI/CDPythonBashTerraformSoftware Supply Chain SecuritySbomSecret ScanningDependency ManagementAi SecurityBranch Protections
Similar roles
Security Engineering jobsStaff Software Engineer - Security Infrastructure
Leads security infrastructure engineering to secure Databricks platform, plugging gaps in services like cryptography, Kubernetes security, and access control. Requires 7+ years in data security, 10+ in distributed systems, and MS/PhD.
Staff Engineer
Staff-level IC building fraud detection, risk decisioning, and investigation tooling for a nonprofit fundraising platform. Requires 8+ years experience in adversarial domains and strong backend fundamentals.
Senior/Staff Network Security Engineer
As a Senior/Staff Network Security Engineer, you will design, implement, and operate security controls across Zoox's enterprise, OT networks, and cloud infrastructure. This role involves securing hybrid/multi-cloud architectures, managing firewall platforms, and driving automation with IaC.