Remote Lead Security Engineer

Description:

• TigerData is seeking a Lead Security Engineer to enhance security practices within their engineering teams.
• The role involves embedding secure development practices throughout the software development lifecycle (SDLC), from design to deployment.
• Responsibilities include leading the creation and execution of the application security (AppSec) roadmap, which encompasses secure code reviews, dependency scanning, threat modeling, and secrets management.
• The candidate will drive the adoption of security tooling and automation in CI/CD pipelines, such as SAST, SCA, and secret scanning.
• The position requires influencing secure design decisions across engineering by building trust and technical credibility.
• The role promotes a culture of secure development through enablement, documentation, and coaching rather than mandates.
• Collaboration with the Cloud Platform team is essential to ensure secure-by-default infrastructure configurations, including IAM, least privilege, and encryption.
• The candidate will own key security concerns related to Kubernetes and cloud-native infrastructure, ensuring security for clusters and workloads.
• Participation in incident response playbooks and postmortems related to security is expected.
• The role includes involvement in cross-functional compliance efforts, such as SOC2, ISO 27001, and HIPAA.
• Staying updated on the evolving security landscape to continuously improve the security posture is a key responsibility.

Requirements:

• Candidates must have 5+ years of experience in security engineering or software engineering with a strong focus on application security.
• Experience working with development teams in high-growth or cloud-native environments is required.
• Strong experience in securing Kubernetes-based infrastructure in public cloud environments, preferably AWS, is essential.
• The ability to lead without direct authority, influence roadmaps, and build alignment around security outcomes is necessary.
• A strong practical understanding of web app and API security, threat modeling, and secure software patterns is required.
• A proven track record of implementing security improvements in codebases, pipelines, or processes is essential.
• Experience in implementing or managing security tooling is required.
• Effective communication skills to translate risk into clear, actionable decisions for both technical and non-technical teams are necessary.
• A strong ownership mindset with the ability to lead initiatives end-to-end and a desire to grow into a formal leadership role over time is essential.

Benefits:

• TigerData offers flexible PTO and comprehensive family leave.
• Employees enjoy Fridays off in August.
• The company provides fully remote opportunities globally.
• Stock options are available for long-term growth.
• A monthly WiFi stipend is provided.
• Professional development and educational resources are available to employees.
• Premium insurance options for employees and their families are offered for US-based employees.