Jobs · Information Technology · California

Lead Security Engineer

CodeRabbit · San Francisco, CA · 6 mo ago
HybridInformation Technology$200k–$300k/yrFull-time

Role Overview

CodeRabbit is on a mission to empower developers with lean, high-performance tools—they move fast, and so do the threats. That's why we're looking for a battle-tested Lead Security Engineer who’s been in the trenches and can architect, harden, and defend our infrastructure, tooling, and ecosystem.

Responsibilities

  • Own the security roadmap — craft and execute a strategic security engineering plan that aligns with CodeRabbit’s fast-paced engineering cadence.

  • Boost resilience — champion defense-in-depth tactics: threat modeling, secure design reviews, hardening, CI/CD integration.

  • Be Incident Commander — spearhead security incident response and recovery: triage, resolve, root cause, and turn those learnings into stronger systems.

  • Tools & automation — build or integrate security tooling (SAST, DAST, SIEM, EDR, monitoring) into the developer workflow without slowing delivery.

  • Embed security fluently — partner with engineering and product teams to bring secure practices early into planning and daily workflows.

  • Talent & culture — help to hire, coach, and mentor a scrappy, resilient security engineering team; elevate security awareness across the company.

  • Compliance & policy — establish security standards, frameworks, or processes that evolve as we scale—but remain lean and developer-friendly.

Qualifications

  • Battle-tested experience: 8+ years in security engineering, incident response, or correlated fields—bonus if you've led through a major production breach or targeted attack.

  • Technical depth: Extensive experience with security across software and infrastructure—threat modeling, pen testing, secure CI/CD pipelines, cloud security, incident response.

  • Strategic mindset: Ability to translate risk into actionables, communicate trade-offs with engineering/product leadership.

  • Praxis over theory: You’ve taken production systems down (intentionally or unintentionally) and built them back stronger.

  • Security in chaos: Experience in pressure situations—with clarity, direction, and calm.

  • Developer-centric approach: You can speak fluent dev-tools, empathize with fast-moving teams, and secure them without slowing them down.

  • Bonus Points:

    • You’ve implemented DevSecOps tooling and orchestrated shift-left security in developer pipelines.

    • You’ve recovered from (or prevented) a critical security event, and turned that into an engineering culture improvement.

    • You’ve experience in a dev-tools, SDK, or platform-heavy company.

    • You have certifications like CISSP, CISM, CEH, or relevant cloud security certs.

Why Join Our Engineering Culture?

CodeRabbit is building the next generation of AI-native developer tooling — starting with code review. We combine large language models with deep software engineering context to help teams ship faster, catch more bugs, and make better architectural decisions at scale.

We are a high-ownership engineering culture. That means no passive execution, no waiting for perfect tickets, and no narrowly defined task boundaries. Engineers here find problems before they're assigned, use AI as a core part of how they build, ship with judgment, and own outcomes from proposal to production.

Our operating philosophy: bias toward action, ship the smallest necessary coherent slice, validate proportional to risk, watch what happens, and make the system better. AI drafts; humans decide. Speed matters, but so does understanding what you ship.

This opportunity will be energizing for people who want real ownership, pace, and high standards. It's uncomfortable for people who prefer slow consensus or heavily managed workflows.

Values

  • Collaborative Humans: Prioritizing collective intelligence

  • Fearless Innovators: Turning obstacles into growth opportunities

  • Persistent, Passionate Developers: Thriving on complex, long-term challenges

  • Impact-Driven Creators: Crafting intuitive tools for developers

  • Rapid Learners and Un-learners: Adapting quickly in our fast-paced technological world

Compensation Range

$200K - $300K

Similar jobs

Lead Security Engineer

Dev Technology Group, Inc.Suitland, MD· 2 days ago
Information Technology$120k–$190k/yrapply on devtechnologygroup.thejobnetwork.com

Lead Security Engineer

AssetMarkCharlotte, NC· 2 wk ago
Information Technology$115k–$135k/yrapply on assetmark.wd5.myworkdayjobs.com

Lead Security Engineer

Dev Technology Group, Inc.Suitland, MD· 2 wk ago
Information Technology$120k–$190k/yrapply on grnh.se

Lead Security Engineer

Bart & Associates, Inc.Suitland, MD· 6 days ago
Information Technologyapply on recruiting.paylocity.com

Lead Security Engineer

Harmonia Holdings Group, LLCMcLean, VA· 6 days ago
Information Technology$126k/yrapply on ajax.googleapis.com