CrawlJobs Logo

Staff Platform Security Engineer

fivetran.com Logo

Fivetran

Location Icon

Location:
United States , Oakland

Category Icon
Category:
IT - Software Development

Job Type Icon

Contract Type:
Not provided

Salary Icon

Salary:

196033.00 - 245041.50 USD / Year
Save Job
Save Icon
Apply Position

Job Description:

Fivetran is building data pipelines to power the modern data stack for thousands of companies. We’re looking for a Staff Platform Security Engineer to enhance the security of our cloud-native and hybrid infrastructure. This individual contributor (IC) role is hands-on and execution-focused, requiring expertise in application security, cloud security, and DevSecOps. You will work closely with engineering teams to integrate security into the development lifecycle, automate security processes, and ensure resilience against emerging threats.

Job Responsibility:

  • Collaborate with engineering teams to integrate and manage security tooling within the SDLC, strategically automating security checks and feedback loops to enhance efficiency and security posture.
  • Perform vulnerability scanning and participate in penetration testing exercises, automating scanning processes judiciously to identify common weaknesses, while reserving manual efforts for complex and nuanced assessments. Report findings and assist with remediation efforts.
  • Develop and maintain automation scripts and infrastructure-as-code for security checks related to machine configurations, container images, IAM policies, firewall rules, and cloud storage policies.
  • Implement and configure security controls within enterprise applications based on security best practices and architectural guidance.
  • Contribute to threat modeling efforts by providing technical insights and implementing identified security controls.
  • Work directly with engineering teams to troubleshoot and resolve security challenges across the stack while promoting a security-first mindset, identifying and automating recurring troubleshooting steps or remediation processes where it significantly improves response times and reduces manual intervention.
  • Implement and operationalize security solutions for cloud-native and hybrid infrastructure based on architectural guidelines.
  • Collaborate with infrastructure and cloud security teams to implement and maintain security controls across the entire technology stack, strategically prioritizing automation for consistent enforcement, monitoring, and alerting to improve overall security and reduce manual overhead.
  • Implement and manage security assessment tools, including vulnerability scanners, SIEM agents, DLP endpoints, and EDR sensors.
  • Participate in security assessment reviews by providing practical implementation feedback and identifying potential operational challenges.
  • Develop and maintain scripts and tools to automate security monitoring and alerting.
  • Stay up to date with cybersecurity threats and trends, applying this knowledge to improve implemented security controls and operational processes.

Requirements:

  • Application Security Expertise: Deep expertise in identifying and mitigating security vulnerabilities within applications (e.g., OWASP Top 10), particularly in Java codebases.
  • Secure SDLC: Extensive experience integrating security into the software development lifecycle, from design and code review to testing and deployment.
  • Java Proficiency: Senior-level experience with Java codebases: building, running, profiling, and optimizing Java applications in secure environments.
  • Container Security: Strong experience with Docker image creation, optimization, and vulnerability mitigation, specifically for applications.
  • CI/CD & Automation: Proficiency with CI/CD tools (e.g., Jenkins, GitLab CI, GitHub Actions) and experience integrating security tools into automated pipelines.
  • Tooling Familiarity: Familiarity with a range of security tools for CI/CD security, static analysis (SAST), dynamic analysis (DAST), dependency analysis (SCA), and secrets management.
  • Adversarial AI & Defense: Familiarity with modern attack techniques, offensive security methodologies, and defense strategies, including OWASP Top 10 for LLMs (e.g., Prompt Injection, Data Poisoning, and Model Inversion).
  • Scripting: Proficiency in scripting or programming languages (e.g., Bash, Python, Go) to automate security processes and tool integration.
  • Problem-Solving: Excellent problem-solving and troubleshooting skills, with the ability to work independently in fast-paced environments.
  • Communication: Strong communication skills with the ability to effectively collaborate with and educate engineering teams on security principles and best practices.
  • Curiosity & Urgency: Demonstrates strong curiosity, a sense of urgency, and a hands-on approach to diving deep into complex technical problems to drive timely and effective solutions.
What we offer:
  • 100% employer-paid medical insurance*
  • Generous paid time-off policy (PTO), plus paid sick time, inclusive parental leave policy, holidays, and volunteer days off
  • RSU stock grants*
  • Professional development and training opportunities
  • Company virtual happy hours, free food, and fun team-building activities
  • Monthly cell phone stipend
  • Access to an innovative mental health support platform that offers personalized care and resources in areas such as: therapy, coaching, and self-guided mindfulness exercises for all covered employees and their covered dependents.

Additional Information:

Job Posted:
February 20, 2026

Employment Type:
Fulltime
Work Type:
Hybrid work
Icon
Fivetran - All Job Offers
Job Link Share:
Copy Link Icon
Facebook Icon Twitter Icon LinkedIn Icon

Looking for more opportunities? Search for other job offers that match your skills and interests.

Briefcase Icon

Similar Jobs for Staff Platform Security Engineer

Staff Platform Engineer

Join our dynamic team as a Compute Platform Engineer and play a pivotal role in ...
Location
Location
Canada , Vancouver
Salary
Salary:
190000.00 - 240000.00 CAD / Year
inworld.ai Logo
Inworld AI
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • 7 years of experience in software engineering
  • 5 years of experience with infrastructure-as-code
  • Proficiency in managing Kubernetes clusters and applications, including creating Kustomize manifests/Helm charts for new applications
  • Experience in creating and maintaining CI/CD pipelines for both applications and infrastructure deployments (using tools like Terraform/Terragrunt, ArgoCD, GitHub Actions, Ansible, etc.)
  • Deep knowledge of at least one major cloud provider (Google Cloud Platform, Microsoft Azure, Oracle Cloud)
  • Proficient in at least one backend programming/scripting languages such as Golang, Python, and Bash
Job Responsibility
Job Responsibility
  • Work closely with backend and ML engineering teams to design, deploy, and maintain reliable, high-performance, and secure cloud infrastructure for our AI engine and Studio
  • Facilitate a "you build it, you run it" culture by providing the necessary tools and processes for monitoring the reliability, availability, and performance of services
  • Manage CI/CD pipelines to ensure smooth and efficient code integration and deployment
  • Identify and implement opportunities to enhance engineering speed and efficiency
  • Conduct root cause analysis to identify critical issues and develop automated solutions to prevent recurrence
  • Develop and share best practices to improve automation and efficiency across our engineering teams
What we offer
What we offer
  • bonus
  • equity
  • benefits
  • Fulltime
Read More
Arrow Right

Staff Platform Engineer

Join our dynamic team as a Compute Platform Engineer and play a pivotal role in ...
Location
Location
United States , Mountain View, California
Salary
Salary:
180000.00 - 280000.00 USD / Year
inworld.ai Logo
Inworld AI
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • 7 years of experience in software engineering
  • 5 years of experience with infrastructure-as-code
  • Proficiency in managing Kubernetes clusters and applications, including creating Kustomize manifests/Helm charts for new applications
  • Experience in creating and maintaining CI/CD pipelines for both applications and infrastructure deployments (using tools like Terraform/Terragrunt, ArgoCD, GitHub Actions, Ansible, etc.)
  • Deep knowledge of at least one major cloud provider (Google Cloud Platform, Microsoft Azure, Oracle Cloud)
  • Proficient in at least one backend programming/scripting languages such as Golang, Python, and Bash
  • Candidates must be based in the SF Bay Area or willing to relocate (you will be working on-site in our South Bay office a few days a week)
Job Responsibility
Job Responsibility
  • Work closely with backend and ML engineering teams to design, deploy, and maintain reliable, high-performance, and secure cloud infrastructure for our AI engine and Studio
  • Facilitate a "you build it, you run it" culture by providing the necessary tools and processes for monitoring the reliability, availability, and performance of services
  • Manage CI/CD pipelines to ensure smooth and efficient code integration and deployment
  • Identify and implement opportunities to enhance engineering speed and efficiency
  • Conduct root cause analysis to identify critical issues and develop automated solutions to prevent recurrence
  • Develop and share best practices to improve automation and efficiency across our engineering teams
What we offer
What we offer
  • equity and benefits
  • Fulltime
Read More
Arrow Right

Staff Application Security Engineer

As a Staff Application Security Engineer at Culture Amp, you will play a pivotal...
Location
Location
Australia , Sydney
Salary
Salary:
Not provided
cultureamp.com Logo
Culture Amp
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Extensive experience in application security engineering, with a proven track record of leading security initiatives in SaaS or cloud-native environments
  • Deep technical expertise in secure software development, secure coding practices, and common security frameworks (e.g., OWASP Top 10, NIST, PCI, SOC 2)
  • Proficiency in multiple programming languages (e.g., Ruby, Python, JavaScript, Go) and experience with modern web application architectures and cloud platforms (e.g. AWS)
  • Strong knowledge of security automation, CI/CD integration, and DevSecOps practices
  • Experience designing and implementing security tools, frameworks, and processes that scale with developer velocity
  • Demonstrated ability to lead and influence cross-functional teams, drive change, and deliver results in ambiguous or complex environments
  • Excellent communication skills, with the ability to explain complex security concepts to technical and non-technical audiences
  • Experience mentoring and developing engineers, and a passion for building a culture of security and continuous improvement
  • Familiarity with security-related compliance requirements and standards relevant to SaaS businesses
Job Responsibility
Job Responsibility
  • Lead and drive the most complex and high-impact application security reviews, threat modeling, and risk assessments across our product portfolio, providing expert guidance and direction for other team members
  • Collaborate with engineering, product, and platform teams to embed security into the SDLC, including secure design, code review, and automated security testing (DevSecOps)
  • Develop and scale security automation, tools, and centralized libraries that enable developers to build secure applications efficiently and at scale
  • Proactively identify, assess, and address security risks and vulnerabilities in our SaaS environment, including cloud-native and microservices architectures
  • Own and evolve our vulnerability management programs, ensuring timely triage, remediation, and communication of security issues
  • Mentor and support engineers across the organization, fostering a culture of security awareness, knowledge sharing, and continuous learning
  • Influence and drive cross-functional security initiatives, partnering with compliance, privacy, and infrastructure teams to meet regulatory and customer requirements (e.g., SOC 2, ISO 27001, OWASP)
  • Stay current with the latest security threats, technologies, and best practices, and advocate for their adoption within Culture Amp
  • Represent Culture Amp’s security expertise internally and externally, including supporting customer security reviews and contributing to the broader security community
What we offer
What we offer
  • Employee Share Options Program
  • Programs, coaching, and budgets to help you thrive personally and professionally
  • Access to external providers for mental wellbeing and coaching support
  • Monthly Camper Life Allowance
  • Team budgets dedicated to team building activities and connection
  • Intentional quarterly wellbeing pauses
  • Extended year-end breaks
  • Excellent parental leave and in work support program available from day 1
  • 5 Social Impact Days a year
  • MacBooks for you to do your best & a work from home office budget
  • Fulltime
Read More
Arrow Right

Staff Security Engineer

At hyperexponential, we’re building the AI-powered platform that enables the wor...
Location
Location
United Kingdom , London
Salary
Salary:
Not provided
hyperexponential.com Logo
hyperexponential
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Built or significantly contributed to security programmes from the ground up, establishing foundational security controls, compliance readiness, and incident response capabilities
  • Designed and implemented security architecture for cloud-based distributed systems (AWS or equivalent), including multi-account strategies, identity and access management, network security, and data protection
  • Driven technical security improvements by writing code, building tools, and implementing controls that scaled with company growth
  • Integrated security into development workflows through DevSecOps practices including automated testing, secrets management, container security, and infrastructure-as-code security
  • Led or supported compliance initiatives (SOC2, ISO27001, GDPR, or similar), mapping technical controls to compliance requirements and guiding teams through audit cycles
  • Built trust with engineering teams by contributing technically and making security collaborative and frictionless
  • Balanced security rigor with business goals, making risk-based trade-offs that enabled growth while protecting customers and the business
  • Evaluated security implications of AI/ML systems, including understanding AI-specific risks and implementing controls to secure them
Job Responsibility
Job Responsibility
  • Build hx's security programme from the ground up, setting direction for security architecture, compliance, and incident response as we scale globally
  • Design and implement security controls across AWS cloud infrastructure, Kubernetes workloads, and our multi-product platform, ensuring systems are secure by design
  • Integrate security into engineering workflows by embedding automated security testing, vulnerability management, and threat detection into CI/CD pipelines without slowing teams down
  • Lead or contribute to compliance initiatives (SOC2, ISO27001) by implementing technical controls and working cross-functionally with legal, engineering, and business teams to enable enterprise sales
  • Build security automation and tooling by writing code and scripts that scale security practices, detect vulnerabilities, and enforce policies efficiently
  • Partner with Engineering Managers, Principal Engineers, and Product Managers to embed security thinking early in design and architecture decisions
  • Act as a trusted voice in critical moments: responding to incidents, unblocking teams on security questions, and keeping high-stakes initiatives secure and on track
  • Assess and secure AI-powered systems across hx's platform, implementing controls that enable safe adoption of AI while mitigating risks like prompt injection, data leakage, and model vulnerabilities
What we offer
What we offer
  • £5,000 training and conference budget for individual and group development
  • 25 days of holiday plus 8 bank holidays (33 days total)
  • Company pension scheme via Penfold
  • Mental health support and therapy via Spectrum.life
  • Individual wellbeing allowance via Juno
  • Private healthcare insurance through AXA
  • Income protection and Life Insurance
  • Cycle to Work Scheme
  • Top-spec equipment (laptop, screens, adjustable desks, etc.)
  • Regular remote and in-person hackathons, lunch and learns, socials, and game nights
  • Fulltime
Read More
Arrow Right

Staff Security Engineer

At hyperexponential, we’re building the AI-powered platform that enables the wor...
Location
Location
Poland , Warsaw
Salary
Salary:
Not provided
hyperexponential.com Logo
hyperexponential
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Built or significantly contributed to security programmes from the ground up
  • Designed and implemented security architecture for cloud-based distributed systems (AWS or equivalent)
  • Driven technical security improvements by writing code, building tools, and implementing controls
  • Integrated security into development workflows through DevSecOps practices
  • Led or supported compliance initiatives (SOC2, ISO27001, GDPR, or similar)
  • Evaluated security implications of AI/ML systems
Job Responsibility
Job Responsibility
  • Build hx's security programme from the ground up
  • Design and implement security controls across AWS cloud infrastructure, Kubernetes workloads, and our multi-product platform
  • Integrate security into engineering workflows by embedding automated security testing, vulnerability management, and threat detection into CI/CD pipelines
  • Lead or contribute to compliance initiatives (SOC2, ISO27001)
  • Build security automation and tooling by writing code and scripts
  • Partner with Engineering Managers, Principal Engineers, and Product Managers to embed security thinking early in design and architecture decisions
What we offer
What we offer
  • Share Options
  • 25 days of non-working + 14 Polish bank holidays (B2B) / 26 days of holiday + 14 Polish bank holidays (UoP)
  • £5,000 budget for Learning & Development
  • Mental Health Support and Therapy via Spectrum Life
  • Optional access to Healthcare package provided by Luxmed + Multisport (B2B)
  • Top-spec laptop (MacOS or Windows)
  • Company pension (UoP)
  • 10 days company sick pay at 100% salary (UoP)
  • Monthly wellbeing allowance via Juno (UoP)
  • Healthcare package provided by Luxmed (UoP)
  • Fulltime
Read More
Arrow Right

Staff Cloud Security Engineer

We're making the world of digital assets accessible and secure for everyone. Joi...
Location
Location
France , Paris
Salary
Salary:
Not provided
https://www.ledger.com Logo
Ledger
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • 5+ years of experience in DevSecOps & automation, security assessment, and cloud-native environments
  • 8+ years of experience on information security
  • Proficiency working in Unix/Linux environments, Git, Python, Terraform, Kubernetes, AWS cloud solutions and architectures, CI/CD tools, configuration management, etc.
  • Hands-on experience with security tooling deployment, monitoring, and incident response
  • Proven track record of cross-functional work, with the ability to collaborate effectively with various teams and stakeholders
  • Excellent presentation and written communication skills
  • Ability to work autonomously, deal with ambiguity, and handle high-pressure situations.
Job Responsibility
Job Responsibility
  • Collaborate with the Infrastructure, the engineering and the Donjon teams to integrate security into the delivery plans, ensure early detection and mitigation of security vulnerabilities
  • Work closely with the Donjon, the product Security team responsible, to provide automation and tooling for product security evaluation integration in CI/CD pipeline
  • Engage in proactive security practices, including penetration testing, vulnerability assessments, and Infrastructure Security (IaC) code reviews to ensure Ledger's platforms and applications are secure
  • Participate in the design and implementation of security architectures, from the design to the risk assessment
  • Act as the primary point of contact for any security incidents, ensuring rapid response, mitigation, and post-incident analysis
  • Drive the adoption of DevSecOps culture, best practices, and methodologies across the organization, ensuring continuous security improvement.
What we offer
What we offer
  • Equity: Employees are the foundation of our success, and we award stock options so you can share in that success as we grow
  • Flexibility: A hybrid work policy
  • Social: Annual company outing for Ledgerdary Days, plus frequent social events, snacks and drinks
  • Medical: Comprehensive health insurance policy offering extensive medical, dental and vision care coverage
  • Well-being: Personal development, coaching & fitness with our dedicated partners
  • Vacation: Five weeks of paid leave per year, in addition to national holidays and rest & relaxation (RTT) days
  • High tech: Access to high performance office equipment and gadgets, including Apple products
  • Transport: Ledger reimburses part of your preferred means of transportation
  • Discounts: Employee discount on all our products.
  • Fulltime
Read More
Arrow Right

Staff Application Security Engineer

As a Staff Application Security Engineer at Culture Amp, you will play a pivotal...
Location
Location
Australia , Melbourne; Sydney
Salary
Salary:
Not provided
cultureamp.com Logo
Culture Amp
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Extensive experience in application security engineering, with a proven track record of leading security initiatives in SaaS or cloud-native environments
  • Deep technical expertise in secure software development, secure coding practices, and common security frameworks (e.g., OWASP Top 10, NIST, PCI, SOC 2)
  • Proficiency in multiple programming languages (e.g., Ruby, Python, JavaScript, Go) and experience with modern web application architectures and cloud platforms (e.g. AWS)
  • Strong knowledge of security automation, CI/CD integration, and DevSecOps practices
  • Experience designing and implementing security tools, frameworks, and processes that scale with developer velocity
  • Demonstrated ability to lead and influence cross-functional teams, drive change, and deliver results in ambiguous or complex environments
  • Excellent communication skills, with the ability to explain complex security concepts to technical and non-technical audiences
  • Experience mentoring and developing engineers, and a passion for building a culture of security and continuous improvement
  • Familiarity with security-related compliance requirements and standards relevant to SaaS businesses
Job Responsibility
Job Responsibility
  • Lead and drive the most complex and high-impact application security reviews, threat modeling, and risk assessments across our product portfolio, providing expert guidance and direction for other team members
  • Collaborate with engineering, product, and platform teams to embed security into the SDLC, including secure design, code review, and automated security testing (DevSecOps)
  • Develop and scale security automation, tools, and centralized libraries that enable developers to build secure applications efficiently and at scale
  • Proactively identify, assess, and address security risks and vulnerabilities in our SaaS environment, including cloud-native and microservices architectures
  • Own and evolve our vulnerability management programs, ensuring timely triage, remediation, and communication of security issues
  • Mentor and support engineers across the organization, fostering a culture of security awareness, knowledge sharing, and continuous learning
  • Influence and drive cross-functional security initiatives, partnering with compliance, privacy, and infrastructure teams to meet regulatory and customer requirements (e.g., SOC 2, ISO 27001, OWASP)
  • Stay current with the latest security threats, technologies, and best practices, and advocate for their adoption within Culture Amp
  • Represent Culture Amp’s security expertise internally and externally, including supporting customer security reviews and contributing to the broader security community
What we offer
What we offer
  • Employee Share Options Program
  • Programs, coaching, and budgets to help you thrive personally and professionally
  • Access to external providers for mental wellbeing and coaching support
  • Monthly Camper Life Allowance
  • Team budgets dedicated to team building activities and connection
  • Intentional quarterly wellbeing pauses
  • Extended year-end breaks
  • Excellent parental leave and in work support program available from day 1
  • 5 Social Impact Days a year
  • MacBooks for you to do your best & a work from home office budget
Read More
Arrow Right

Staff Cloud Security Engineer

We're making the world of digital assets accessible and secure for everyone. Joi...
Location
Location
France , Paris
Salary
Salary:
Not provided
https://www.ledger.com Logo
Ledger
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • 5+ years of experience in DevSecOps & automation, security assessment, and cloud-native environments
  • 8+ years of experience on information security
  • Proficiency working in Unix/Linux environments, Git, Python, Terraform, Kubernetes, AWS cloud solutions and architectures, CI/CD tools, configuration management, etc.
  • Hands-on experience with security tooling deployment, monitoring, and incident response
  • Proven track record of cross-functional work, with the ability to collaborate effectively with various teams and stakeholders
  • Excellent presentation and written communication skills
  • Ability to work autonomously, deal with ambiguity, and handle high-pressure situations
Job Responsibility
Job Responsibility
  • Building and driving the cybersecurity transformation by integrating secure development practices, ensuring application security via automated scanning, and collaborating closely with the Infrastructure, Engineering, and The product security (Donjon) teams
  • Collaborate with the Infrastructure, the engineering and the Donjon teams to integrate security into the delivery plans, ensure early detection and mitigation of security vulnerabilities
  • Work closely with the Donjon, the product Security team responsible, to provide automation and tooling for product security evaluation integration in CI/CD pipeline
  • Engage in proactive security practices, including penetration testing, vulnerability assessments, and Infrastructure Security (IaC) code reviews to ensure Ledger's platforms and applications are secure
  • Participate in the design and implementation of security architectures, from the design to the risk assessment
  • Act as the primary point of contact for any security incidents, ensuring rapid response, mitigation, and post-incident analysis
  • Drive the adoption of DevSecOps culture, best practices, and methodologies across the organization, ensuring continuous security improvement
What we offer
What we offer
  • Equity: Employees are the foundation of our success, and we award stock options so you can share in that success as we grow
  • Flexibility: A hybrid work policy
  • Social: Annual company outing for Ledgerdary Days, plus frequent social events, snacks and drinks
  • Medical: Comprehensive health insurance policy offering extensive medical, dental and vision care coverage
  • Well-being: Personal development, coaching & fitness with our dedicated partners
  • Vacation: Five weeks of paid leave per year, in addition to national holidays and rest & relaxation (RTT) days
  • High tech: Access to high performance office equipment and gadgets, including Apple products
  • Transport: Ledger reimburses part of your preferred means of transportation
  • Discounts: Employee discount on all our products
  • Fulltime
Read More
Arrow Right
Jobs by Category
Art and Entertainment Jobs Banking Jobs Call Center Jobs Construction Jobs Consulting Jobs Customer Service Jobs Education Jobs Energy Jobs Finance Jobs Gastronomy Jobs Health and Beauty Jobs Hospitality and Tourism Jobs Human Resources Jobs Insurance Jobs IT - Administration Jobs IT - Software Development Jobs Legal Jobs Logistics Jobs Manufacturing Jobs Marketing, Digital Marketing, SEO, SEM Jobs Media Jobs Nursing Jobs Office Administration Jobs Pharmacy Jobs Physical Work Jobs Public Relations Jobs Public Sector Jobs Purchasing Jobs Quality Control Jobs Real Estate Jobs Research and Development Jobs Sales Jobs
Job Positions Jobs by Country
United States Jobs United Kingdom Jobs India Jobs Canada Jobs Australia Jobs Germany Jobs Ireland Jobs Poland Jobs
Company
Blog About Us Contact
Follow Us
Facebook
X (Twitter)
LinkedIn
Instagram
CrawlJobs Group
ITFlashcards AllDevBlogs
© 2026 CrawlJobs Ltd. All Rights Reserved
Terms & Conditions Privacy Policy