Buildkite

Buildkite

Buildkite: Powerful CI/CD platform for fast, secure, and scalable pipelines on your own infrastructure, offering flexibility, security, and data-driven insights.

Commercial Services & Supplies
51-250
Founded 2014
$41M raised

Description

  • Lead threat modeling and architectural security reviews across the organization.
  • Conduct adversary simulations, penetration tests, and abuse-case testing against key application and business areas.
  • Drive technical strategy for application security, adversarial testing, and cloud security.
  • Design scalable security guardrails across CI/CD, infrastructure-as-code, and developer tooling.
  • Improve vulnerability discovery, triage, remediation workflows, and ownership models.
  • Strengthen supply chain and dependency security across build systems and artifacts.
  • Design security controls embedded into product and infrastructure.
  • Partner with engineering leaders and senior ICs to align on security trade-offs.
  • Lead high-impact security initiatives from discovery through rollout.
  • Shape incident readiness, detection improvements, and post-incident hardening.
  • Mentor engineers to improve secure design and implementation practices.
  • Use automation, tooling, and policy-as-code to reduce recurring security issues.

Requirements

  • 7+ years of experience in security engineering, with strong depth in application security and adversarial testing.
  • Extensive knowledge of common web and API vulnerabilities, including the OWASP Top 10 and beyond.
  • Experience designing and reviewing secure architectures for distributed systems.
  • Hands-on adversarial security experience, including offensive testing, exploit validation, abuse-case modeling, or red teaming.
  • Strong understanding of cloud security fundamentals, ideally in AWS.
  • Experience securing CI/CD pipelines and modern developer platforms.
  • Familiarity with Terraform or other infrastructure-as-code systems.
  • Experience with Kubernetes security patterns and workload controls.
  • Strong understanding of identity, secrets management, and access control systems.
  • Comfort reading and writing production code in Ruby, Go, or similar languages.

Benefits

  • Competitive compensation, including salary, equity, and benefits.
  • Flexible, remote-first work culture.
  • Meaningful technical challenges at scale.
  • Opportunities for professional growth and company-wide technical influence.
  • Collaborative, inclusive, and innovative culture.
  • Reasonable accommodations during the recruitment process for candidates who need support.

Interested in this position?

Apply directly on the company website

Apply Now

Similar Roles

Information Security Lead

emerchantpay 251-1K Diversified Financial Services

emerchantpay is hiring an Information Security Lead to own and improve security across its cloud-native payments engineering environment, corporate IT, and office infrastructure.

AWS CI/CD Encryption Microservices Penetration Testing Secrets Management SIEM
1 day, 15 hours ago

Senior Systems Engineer - Email Deliverability & Infrastructure

Mission Inbox 1-10 Professional Services

Senior Systems Engineer for a fully remote global team focused on managing and protecting high-availability email transmission infrastructure and deliverability operations.

DNS HAProxy Linux PostgreSQL TCP/IP
1 day, 15 hours ago

Senior AI Security Engineer

Panorama Education 251-1K Diversified Consumer Services

Panorama Education is seeking a Senior AI Security Engineer to secure its internal AI systems, external AI integrations, and governance practices for a K-12 student data platform.

Secrets Management
1 day, 16 hours ago

Senior Software Engineer (Go) - AI Resilience & Security Enhancements (Contract)

Form3 251-1K Diversified Financial Services

Form3 is hiring a Senior Software Engineer to help deliver security and resilience initiatives for its cloud-native payments platform in a remote, collaborative engineering environment.

AWS Azure BDD CI/CD CockroachDB Elasticsearch Flux GCP GitHub Go HashiCorp Vault Java Kubernetes Microservices Prometheus TDD Terraform
1 day, 16 hours ago

You're on a roll! Sign up now to keep applying.

Sign Up

Already have an account? Log in

Used by 14,729+ remote workers