TigerData is seeking a Lead Security Engineer to enhance security practices within their engineering teams.
The role involves embedding secure development practices throughout the software development lifecycle (SDLC), from design to deployment.
Responsibilities include leading the creation and execution of the application security (AppSec) roadmap, which encompasses secure code reviews, dependency scanning, threat modeling, and secrets management.
The candidate will drive the adoption of security tooling and automation in CI/CD pipelines, such as SAST, SCA, and secret scanning.
The position requires influencing secure design decisions across engineering by building trust and technical credibility.
The role promotes a culture of secure development through enablement, documentation, and coaching rather than mandates.
Collaboration with the Cloud Platform team is essential to ensure secure-by-default infrastructure configurations, including IAM, least privilege, and encryption.
The candidate will own key security concerns related to Kubernetes and cloud-native infrastructure, ensuring security for clusters and workloads.
Participation in incident response playbooks and postmortems related to security is expected.
The role includes involvement in cross-functional compliance efforts, such as SOC2, ISO 27001, and HIPAA.
Staying updated on the evolving security landscape to continuously improve the security posture is a key responsibility.
Requirements:
Candidates must have 5+ years of experience in security engineering or software engineering with a strong focus on application security.
Experience working with development teams in high-growth or cloud-native environments is required.
Strong experience in securing Kubernetes-based infrastructure in public cloud environments, preferably AWS, is essential.
The ability to lead without direct authority, influence roadmaps, and build alignment around security outcomes is necessary.
A strong practical understanding of web app and API security, threat modeling, and secure software patterns is required.
A proven track record of implementing security improvements in codebases, pipelines, or processes is essential.
Experience in implementing or managing security tooling is required.
Effective communication skills to translate risk into clear, actionable decisions for both technical and non-technical teams are necessary.
A strong ownership mindset with the ability to lead initiatives end-to-end and a desire to grow into a formal leadership role over time is essential.
Benefits:
TigerData offers flexible PTO and comprehensive family leave.
Employees enjoy Fridays off in August.
The company provides fully remote opportunities globally.
Stock options are available for long-term growth.
A monthly WiFi stipend is provided.
Professional development and educational resources are available to employees.
Premium insurance options for employees and their families are offered for US-based employees.