Security Engineer
About the role
We are seeking a Senior Security Engineer to join our Infrastructure Team. This role requires a deep understanding of security as an engineering challenge and a passion for building robust systems.
Responsibilities
- Own the Stack: Secure everything from our Kubernetes clusters on the cloud to our SaaS integrations and developer workflows.
- Usher in the Future: Articulate and execute on a vision for what security should be in the age of LLMs giving both us and attackers increasing leverage.
- Engineer for Security: Build internal tooling and CI/CD automations that catch vulnerabilities before they ever hit production.
- Architect & Model: Lead threat modeling sessions and secure code reviews, ensuring we design "secure-by-default" APIs and deployments.
- Harden the Perimeter: Take a first-principles approach to hardening authentication and access control across all internal and external surfaces.
- Red Team: Proactively probe for vulnerabilities and lead the remediation.
- Lead the Bug Bounty: You will be the primary owner for standing up, launching, and managing our Bug Bounty Program, triaging reports, and driving remediation.
- Respond & Remediate: Investigate vulnerabilities, lead incident response, orchestrate pen testing, and run blameless postmortems that actually result in systemic change.
- Evangelize: Be the partner, not the blocker. Translate complex security risks into actionable engineering tasks that your peers can get excited about.
Requirements
You must have 6+ years of experience in software/infrastructure engineering with a deep obsession with security. You should be deeply familiar with Google Cloud (GCP), Kubernetes, and containerized environments. You need to be a Systems Thinker, able to analyze a system for weaknesses, and an Action-Oriented individual with a track record of responding to real-world incidents and leading remediation efforts.
Qualifications
Experience with modern CI/CD workflows and various SaaS integrations is preferred. Knowledge of cloud services such as Google Cloud Platform (GCP) is essential.
Skills
Strong skills in cloud services, security, and infrastructure engineering are required. Experience with Kubernetes, Terraform, and containerized environments is necessary.
Benefits
Includes a $4000/yr travel stipend, productivity stipend, AI Tools stipend, team lunch stipend, and a one-time home office stipend. Health insurance costs are covered up to 100%. Equity in the company is also provided.
Pay
The target salary for this position ranges from $165,000-$200,000.
Schedule
Roboflow is distributed across the US and Europe. We currently have Hubs in New York City and San Francisco (and plan to open more as we grow density in new cities).