AI Security Principal at HITRUST addressing AI security risks and responsible practices. Collaborating across teams to influence AI security assurance and governance.
About the role
- Lead Security Engineer at CodeRabbit creating high-performance human-machine collaboration tools. Leading security engineering, incident response, and building resilient infrastructure.
Responsibilities
- Own the security roadmap — craft and execute a strategic security engineering plan that aligns with CodeRabbit’s fast-paced engineering cadence.
- Boost resilience — champion defense-in-depth tactics: threat modeling, secure design reviews, hardening, CI/CD integration.
- Be Incident Commander — spearhead security incident response and recovery: triage, resolve, root cause, and turn those learnings into stronger systems.
- Tools & automation — build or integrate security tooling (SAST, DAST, SIEM, EDR, monitoring) into the developer workflow without slowing delivery.
- Embed security fluently — partner with engineering and product teams to bring secure practices early into planning and daily workflows.
- Talent & culture — help to hire, coach, and mentor a scrappy, resilient security engineering team; elevate security awareness across the company.
- Compliance & policy — establish security standards, frameworks, or processes that evolve as we scale—but remain lean and developer-friendly.
Requirements
- Battle-tested experience: 8+ years in security engineering, incident response, or correlated fields—bonus if you've led through a major production breach or targeted attack.
- Technical depth: Extensive experience with security across software and infrastructure—threat modeling, pen testing, secure CI/CD pipelines, cloud security, incident response.
- Strategic mindset: Ability to translate risk into actionables, communicate trade‑offs with engineering/product leadership.
- Praxis over theory: You’ve taken production systems down (intentionally or unintentionally) and built them back stronger.
- Security in chaos: Experience in pressure situations—with clarity, direction, and calm.
- Developer‑centric approach: You can speak fluent dev-tools, empathize with fast-moving teams, and secure them without slowing them down.
Benefits
- Compensation That Reflects Responsibility: We deliver a competitive package—salary, equity, and benefits—to match the importance and intensity of this role.
- Hybrid Culture That Adapts to You: We collaborate in person in the Bay Area every week, but leave room for remote heads-down focus. It’s security, not surveillance.
Job title
Job type
Experience level
Salary
Not specified
Degree requirement
Tech skills
Location requirements
Cloud Governance & Security Engineer at Zinkworks responsible for cloud operations, governance, and compliance - related projects. Focused on improving security controls and implementing IT initiatives.
Engage in security incident detection and analysis at Telefónica Tech. Responsible for managing cybersecurity incidents and maintaining security documentation.
Senior Security Engineer designing and improving security controls within Enpal's IT environment. Collaborating closely with IT and enhancing security posture in a renewable energy company.
Senior Network Security Engineer responsible for evaluating security solutions and technologies at Absa. Collaborating with Risk, Cyber, and Architecture teams for effective security management.
Security Specialist contributing to personal security within SEB's operations. Coordinating, developing, and advising on personal security measures for employees and stakeholders in various locations.
Cybersecurity Account Executive driving sales and client engagement at Arancia, a Canadian cybersecurity firm. Focusing on building relationships and enhancing security postures for clients.
LSS Subject Matter Expert delivering next generation access management solutions at Amadeus. Engaging in deployment and technical support for security solutions and customer onboarding.
Cyber Engineering Consultant responsible for implementing and managing cybersecurity technologies, collaborating with cross - functional teams on infrastructure initiatives in the company.
Senior consultant designing and operating cybersecurity technologies at Cargill in India. Leading cloud security initiatives and collaborating with cross - functional teams to ensure robust protection.