The Role

Own technical direction and execution of security initiatives that protect company data and improve systems security, driving impact across multiple teams or systems. At this level, your scope is cross-team. You set the security architecture others build against, lead complex initiatives, and develop senior engineers toward the next level.

Responsibilities

Own Platform team-level architectural security decisions; research, design and own security frameworks, evolution paths, and technical debt strategy while others build against your direction
Lead and contribute to large, complex security initiatives; decompose work, coordinate execution, and surface risks before they become incidents
Proactively detect and remediate security vulnerabilities with discernment using AI tooling as an accelerant while applying rigorous judgment on correctness and risk
Champion security standards, testing patterns, and observability; driving improvements in security beyond your immediate team by embedding security in the software development lifecycle and infrastructure changes
Mentor senior engineers toward Staff-level behaviors; your impact compounds through the engineers you develop, not just the code you write
Align multiple teams on security strategy; translate business goals into secure system design and represent security strategy in organizational discussions

What We're Looking For

You measure success by the team's security posture and system health, not your own contributions alone
You self-direct technical improvement work beyond the product roadmap. You identify what needs to change and drive it without waiting to be asked
You develop others. Your presence makes engineers around you more effective and higher-scope
You've owned production systems at scale and made security trade-offs under real constraints
Proficiency in Ruby on Rails and PostgreSQL, including understanding the framework's security tools (Active Record encryption, CSP, sanitization, asynchronous background processing).
Hands-on security experience with AWS, infrastructure as code, and CI/CD at scale
Expert-level knowledge of network security, operating systems (Linux), and cloud platforms
Experience with NIST, ISO27001, CIS MITRE ATT&CK, CSA CCM, SOC2, GDPR frameworks
Strong track record with cloud security, API security, secure software development, threat modeling, identity and access management, network segmentation, vulnerability management, incident response, and compliance-driven security controls

Failure Modes We Screen Against

Shadow tech lead everywhere — takes over instead of enabling others. Ivory tower architect — designs without accounting for implementation reality. Invisible impact — does good work but doesn't communicate or scale it. Super coder bottleneck — writes all critical code instead of growing others who can.

Interview Process

Round

Format

What We Evaluate

1 — Hiring Manager Screen

60 min, conversational

Career trajectory, mentorship philosophy, cross-team influence examples, communication style

2 — Secure System Design Case Study

60 min, live discussion

Cross-team scope, architecture trade-offs, technical debt strategy, AI-augmented design segment

3 — Live Coding Exercise + AI Proficiency

60 min, live coding

Navigating unfamiliar code, root-cause debugging, code quality judgment, AI tool usage

4 — Team Interview

2 × 45 min

Collaboration, engineering development, multi-team initiative narrative

5 — Culture Add

30 min, People Team

Organizational values alignment

AI coding assistants are allowed in Rounds 2 and 3. We observe how you use them, not whether you use them.

What You’ll Receive

Competitive compensation including base salary, bonus, and equity
Employer-sponsored 401(k) with match
Comprehensive medical, dental, and vision coverage
Flexible time off and hybrid work environment

The anticipated annual salary range for this role is $180,000 - $220,000. Actual compensation and title will be commensurate with experience, qualifications, knowledge, and skills.

Staff Security Engineer

Job Description