Staff Security Engineer

Who We Are:

Materialize is an operational data warehouse. It’s the same SQL, same workflows, same architecture as an analytical data warehouse, but with a continuous computation model instead of batch. Your data is always up to date, always consistent, and always immediately accessible, so you can build real-time automation, engaging customer experiences, and new operational data products that drive value for your business.

Our streaming-first data warehouse is purpose-built for the unique demands of operational work. The familiar cloud architecture means low admin overhead, no new skills required. And the incremental engine means the same complex batch transformation logic from analytical warehouses can be ported over to run in real time with minimal engineering effort, and without increasing costs.

Investors:

Kleiner Perkins, Redpoint Ventures and Lightspeed Venture Partners.

About the Role:

As a Staff Security Engineer, you will own the security of our infrastructure and product. As a member of the Cloud team, you will make significant hands-on code contributions to Materialize’s cloud infrastructure. Working across teams, you will level up and scale out our organizational security practices through lightweight tooling, well-crafted policy, and careful code review. You will develop a big-picture strategy, collecting and integrating input from our operations, product, and sales teams into a security roadmap that aligns our cloud and product security direction with our customer and compliance needs.

About You:

• You have many (5+) years of experience as a security-focused engineer.
• You approach security holistically: You appreciate not only the technical challenges of securing a cloud-native database but also the human elements needed to foster a security-conscious organization.
• You are a strategic thinker who will develop a clear security roadmap that blends technical requirements, compliance goals, and customer needs.
• You are customer-focused, and you can predict and articulate a customer’s security needs even better than they can themselves.
• You love to code and be hands-on. You are a builder who enjoys the challenge of crafting and scaling solutions that meaningfully improve security posture while minimizing disruption to other teams in your organization.
• You have deep experience with AWS and infrastructure-as-code tooling.
• You have strong written and verbal communication skills, and you enjoy close collaboration across teams.

Responsibilities:

• Proactively identify security improvements and harden our cloud infrastructure
• Build and manage cloud security tooling (e.g. threat detection/hunting, network, and web application firewalls, CSPM)
• Consult on architecture and provide code review of security-sensitive projects across the organization
• Chart a technical path toward advanced compliance certifications (e.g. ISO27001, PCI, HITRUST, FedRAMP)
• Support our product team by listening to customer feedback and designing customer-facing security controls (e.g. network access controls, private networking connectivity, customer-managed encryption keys)
• Collaborate with our operations team to author security-relevant policies

Bonus Points:

• Familiar with compliance standards (e.g. SOC 2, NIST, PCI DSS)
• Familiar with privacy standards (e.g. GDPR, CCPA, HIPAA)
• Familiar with cloud-native databases
• Experience with Kubernetes and containerized workloads
• Experience programming in Rust
• Experience in small to mid-startups
• Experience with Azure or GCP
• Regularly sleep with a tin foil hat

Salary: $200,000 - 230,000/year + Equity

We understand it takes a diverse team of highly intelligent, passionate, curious, and creative people to develop the exceptional product we are building. Our dynamic team has incredible perspectives to share, just as we know you do, and we take great pride in being an equal opportunity employer.