Security Engineer Lead

This is a fully remote opportunity based in North America OR Europe.

The currency you can never get back: time. At EngFlow, that’s exactly what we’re saving. By speeding up builds, we are helping increase resource efficiency, developer productivity, and product quality. Our cloud-based distributed service uses remote execution and caching to parallelize work. We are looking to hire people who are ready to help us scale up!

EngFlow is a SaaS company funded by Andreessen Horowitz and other top investors, and is redefining how companies build software and ship well-tested products. Its remote execution service speeds up software builds and tests by a factor of 10 or more, and observability platform provides actionable insights to optimize builds and tests. Created by core team members who developed Bazel (Google's open source build system) and led its community adoption, EngFlow builds tools and connects experts in the Bazel and build ecosystem. EngFlow products are used by engineers from startups to Fortune 500 companies to accelerate developer productivity and positively impact engineering culture.

See this video to learn more: https://www.youtube.com/watch?v=G8UMhFS8esc

Meet our Team, learn about culture and values, and learn about our product and customer stories at https://www.engflow.com.

Requirements

This role reports into the Head of Product Engineering with a dotted line to our CTO. You will collaborate with numerous stakeholders across business and tech functions to understand security requirements, ensure our systems are secure and SOC 2 compliant, and work through security questions, questionnaires, and reviews with prospects and customers. You’re a proactive team player who doesn’t mind rolling up their sleeves to get the job done. You embody EngFlow’s value of perseverance to work through complex and frustrating technical issues. You’re flexible and adaptable to shifting priorities based on business needs. You have experience managing and building teams — in a remote setting is a plus!

Qualifications

• Passion for optimization and analyzing complex challenges in the security engineering space
• Advanced knowledge of supply chain and cloud security
• Experience managing pentest processes with external vendors
• Experience with SOC2 / FedRAMP audits
• Skilled at intrusion detection and prevention practices
• Expertise in vulnerability tracking and management
• Familiarity with at least one build system: Bazel, CMake, Maven, Gradle, Nix, Buck, others
• Experience in or passion for DevOps and DevInfra
• Experience in Linux and the Unix shell
• Experience with at least one Cloud infrastructure: AWS, Azure, GCP, OpenShift, Oracle Cloud. Terraform experience is a plus.
• Previous experience owning and updating an ISMS and other security documentation / resources
• Experience building and managing security teams — in a remote environment is a plus.

Benefits

We offer comprehensive medical, dental, vision benefits, 401k bonus, parental leave and generous vacation. The team is fully remote but we enjoy meeting together several times a year at exciting destinations throughout the world. We value getting the work done and having fun while doing it, and have done numerous fun team events such as chocolate, whisky and tea tastings, monthly team games, escape the room among other fun events.