CrawlJobs Logo

Staff Security Engineer

United States, San Francisco 235000.00 - 280000.00 USD / Year · Job Posted February 21, 2026
Apply Position
Job Link Share

Job Description

We’re looking for an experienced security-focused engineer to help shape and scale Parafin’s security posture across our cloud and platform environments. Our Security and Infrastructure team owns the foundational systems that power all of Parafin — from compute and networking to identity and compliance — and you’ll play a central role in ensuring those systems are secure, reliable, and compliant.

Job Responsibility

  • Lead efforts to improve Parafin’s overall security posture across infrastructure, applications, and data systems
  • Develop and maintain frameworks for identity, access management, and least-privilege enforcement
  • Establish and operate best-in-class security monitoring, alerting, and incident response processes
  • Partner with product and infrastructure engineers to embed secure-by-default patterns in our systems and applications
  • Define and enforce standards for vulnerability management, secrets handling, and dependency integrity
  • Collaborate with compliance and risk teams to build and maintain controls aligned with frameworks such as SOC 2, PCI DSS, and other fintech regulations
  • Support audits and security assessments by ensuring controls are properly implemented and evidenced
  • Contribute to security awareness and training efforts across engineering teams
  • Influence long-term strategy on secure architecture, detection, and response automation

Requirements

  • 8+ years of experience in security operations or application security, preferably in a cloud-native and regulated environment
  • Strong understanding of AWS security, including IAM, VPC, and network segmentation best practices
  • Experience with threat detection and response, vulnerability management, and incident response workflows
  • Familiarity with Kubernetes and container security principles, including RBAC, admission controls, and runtime monitoring
  • Knowledge of compliance frameworks (SOC 2, PCI DSS, ISO 27001) and how to operationalize them in engineering environments
  • Strong communication and collaboration skills — comfortable working across engineering, product, and compliance teams

Nice to have

  • Experience building or maturing a security operations or application security program at scale
  • Background in security automation, threat modeling, or secure architecture reviews
  • Familiarity with developer-focused security enablement — e.g., SAST/DAST integration, dependency scanning, or security education
  • Experience in regulated or fintech environments where security and speed must coexist

What we offer

  • Equity grant
  • Medical, dental & vision insurance
  • Unlimited PTO
  • Work From Home flexibility
  • Commuter benefits
  • Free lunches
  • Paid parental leave
  • 401(k)
  • Employee assistance program

Looking for more opportunities?

Search for other job offers that match your skills and interests.

Similar Jobs for

Staff Security Engineer

8 matching positions

Staff Security Engineer

We are currently looking for a Staff Security Engineer to join a fast-growing, i...
Location
Location
United Kingdom , London
Salary
Salary:
120000.00 - 150000.00 GBP / Year
dataidols.com Logo
Data Idols
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Commercial experience as a Security Engineer, Application Security Engineer, Product Security Engineer or DevSecOps Engineer
  • Strong understanding of application security principles and secure software development practices
  • Experience working closely with software engineering teams
  • Hands-on experience securing cloud environments (AWS, GCP or Azure)
  • Experience with vulnerability management, threat modelling and security reviews
  • Knowledge of CI/CD security and modern development practices
  • Excellent stakeholder management and communication skills
Job Responsibility
Job Responsibility
  • Driving application and product security initiatives across multiple engineering teams
  • Conducting security reviews, threat modelling and risk assessments
  • Implementing and improving vulnerability management processes
  • Embedding security tooling into CI/CD pipelines and development workflows
  • Partnering with developers to promote secure coding practices
  • Reviewing cloud infrastructure and architecture from a security perspective
  • Supporting incident response and remediation activities when required
  • Defining and promoting security standards, policies and best practices
  • Influencing technical decision-making across engineering and leadership teams
What we offer
What we offer
  • Hybrid working model
  • Opportunity to work on cutting-edge AI and technology products
  • High level of autonomy and influence
  • Collaborative engineering culture
  • Career progression opportunities as the business continues to scale
  • Ongoing learning and professional development
  • Pension scheme
  • Generous holiday allowance
  • Fulltime
Read More
Arrow Right

Staff Security Engineer

Our mission is to protect, defend, and secure Uber’s products, infrastructure, a...
Location
Location
United States , New York; Seattle; San Francisco; Sunnyvale
Salary
Salary:
232000.00 - 258000.00 USD / Year
uber.com Logo
Uber
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • BS/MS Degree in Computer Science, Engineering, or a related field.
  • 7+ years of industry experience in a software development or security engineering environment.
  • Proficiency in programming languages such as Golang, Java, or Python.
  • Deep understanding of distributed systems, high-availability, and high-performance system design.
  • Hands-on experience with Endpoint Security such as EDR, secure browser, and binary authentication.
Job Responsibility
Job Responsibility
  • Security Solution Development: Design, develop, and implement software solutions to automate and scale enterprise security defenses.
  • System Architecture: Own the platform and tools for securing enterprise systems across macOS, Windows, and Linux.
  • Technical Leadership: Set technical direction for specific projects by identifying priorities, managing expectations, and considering tradeoffs.
  • Innovation: Leverage automation and AI/ML to transform enterprise defense from human-driven to AI-driven.
  • Engineering Excellence: Champion best software engineering practices and empower teams to build a culture of quality and operational excellence.
  • Cross-Functional Collaboration: Partner with IT, product, and operations teams to integrate security posture improvements across the entire environment.
What we offer
What we offer
  • Uber's bonus program
  • equity award
  • 401(k) plan
  • Fulltime
Read More
Arrow Right

Staff Security Engineer

Mozilla is looking for an Incident Responder to monitor and mitigate attacks acr...
Location
Location
Canada; United States
Salary
Salary:
Not provided
mozilla.org Logo
Mozilla
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • 5+ years of demonstrated ability managing security incidents at a global scale and/or experience working in Security Operations Centers (SOC), Product Security Incident Response Teams (PSIRT), and Computer Security Incident Response Teams (CSIRT)
  • Expertise with security information and event management (SIEM) systems (eg. ELK, Google BigQuery, Splunk, etc.). Splunk proficiency is preferred
  • Expertise with integrating and leveraging threat intelligence for detection engineering
  • Expertise with security orchestration and automation (SOAR) platforms such as Tines or Splunk SOAR
  • Superb communication and leadership capacity
  • ability to partner effectively with diverse company stakeholders
  • Real-world experience in software development and/or engineering operations for consumer products and services
  • B.S. in a technology-focused field is helpful
  • Practical experience working with cloud technologies (eg. Google Cloud Platform, Amazon Web Services, Heroku, Microsoft Azure, etc.)
  • Ownership and Accountability
Job Responsibility
Job Responsibility
  • Identify and respond to security incidents on a global scale
  • Act as an incident commander to drive incidents through the entire response lifecycle
  • Design and maintain a portfolio of security alerts, automated actions, playbooks and escalation workflows in support of a high-performing 24/7 incident response capability
  • Conduct threat hunting activities, anticipate future threats, and maintain forward-thinking strategies for tools/technology/processes that combat sophisticated threat actors
  • Research threat intelligence reports, triage and manage resulting workflows
  • Partner with key stakeholders and communicate effectively to maintain a continuously improving feedback loop of preparation, identification, analysis, containment, and post mortem activities
  • Participate in on-call rotation
What we offer
What we offer
  • Generous performance-based bonus plans
  • Rich medical, dental, and vision coverage
  • Generous retirement contributions with 100% immediate vesting
  • Quarterly all-company wellness days
  • Country specific holidays plus a day off for your birthday
  • One-time home office stipend
  • Annual professional development budget
  • Quarterly well-being stipend
  • Considerable paid parental leave
  • Employee referral bonus program
  • Fulltime
Read More
Arrow Right

Staff Security Engineer

Credit Genie is a mobile-first financial wellness platform designed to help indi...
Location
Location
United States , New York, NY; Philadelphia, PA; Plymouth Meeting, PA; Pittsburgh, PA; San Francisco, CA
Salary
Salary:
150000.00 - 250000.00 USD / Year
creditgenie.com Logo
Credit Genie
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • BS/MS/PhD in a Computer Science, Engineering or related scientific field or equivalent professional experience
  • Passionate about advocating for and implementing solutions to complex problems, at-scale, in a large multi-cloud environment
  • Prior experience in Development Operations, Software Engineering, Systems Engineering, Security Architecture, Cloud Security or Offensive Security
  • Fluent in one or more modern coding languages (Python, Go, Java, JavaScript, etc.)
  • Experience with one or more infrastructure as code tools (Terraform, Ansible, etc.)
  • Experience with AWS, GCP, Azure and/or containers (e.g. Kubernetes)
  • Able to work both independently and collaboratively, willing to work in a fast paced, high growth environment
Job Responsibility
Job Responsibility
  • Design new and improve existing security tools, ensure their operational reliability, adherence to SLAs, and strengthen the organization’s security posture through proactive monitoring and continuous improvement
  • Drive innovation by automating security processes and developing advanced methods for analyzing and responding to security findings
  • Maintain and refine custom cloud security baselines, develop and implement cloud security policies and detection rules. Build security controls that detect, prevent, and correct cloud vulnerabilities
  • Collaborate closely with engineering teams to ensure security is embedded into solution design and deployment from the ground up
  • Empathize with the full spectrum of our customers and our engineers by advocating for effective solutions that scale with the needs of our business and our customers
  • Lead threat modeling, vulnerability assessments, and penetration testing to identify and address security risks proactively. Monitor security logs and alerts to detect anomalies and coordinate incident investigations
  • Develop and maintain incident response plans, ensuring rapid detection, analysis, and mitigation of security threats
What we offer
What we offer
  • Offers Equity
  • Offers Bonus
  • 100% company-paid medical, dental, and vision coverage for you and your dependents on your first day of employment
  • Receive up to $100 per month in fitness reimbursement or enjoy a complimentary full membership to LifeTime Fitness or Equinox
  • 401(k) with a 3.5% match and immediate vesting
  • Meal program available for both lunch and dinner
  • Pre-tax benefits, including a $1,000 HSA match
  • Life and accidental insurance
  • Flexible PTO
  • Fulltime
Read More
Arrow Right

Staff Security Engineer

Location
Location
Canada; United States , Ottawa; Austin; Toronto; Calgary
Salary
Salary:
Not provided
fullscript.com Logo
Fullscript
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • hands-on experience in secure software development using a core programming language (e.g., Go, Java, Ruby)
  • experience helping scale a security program in a product-led or fast-growing tech environment
  • experience working closely with engineering teams to embed security into the development lifecycle
  • experience building or leading a security initiative from scratch
  • legally eligible to work full time in Canada or US without sponsorship
  • Fulltime
Read More
Arrow Right

Staff Security Engineer

At Cloudera, we empower people to transform complex data into clear and actionab...
Location
Location
United States , Remote
Salary
Salary:
Not provided
cloudera.com Logo
Cloudera
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Experience developing, deploying, or supporting security tools and services (e.g., security scanners, secrets management, policy engines) used by other engineering & security teams
  • Knowledge of DevSecOps principles and practical experience implementing security controls in CI/CD pipelines (e.g., Jenkins, GitLab CI, GitHub Actions)
  • Experience with large-scale cloud security engineering in AWS, Azure, and Google Cloud, including automated network provisioning and secure configuration management
  • Experience with code review of one or more programming languages (Java, Python, Go, JS/TS)
  • Knowledge or experience in Kubernetes operations, security, and using tools like Helm for deployment and policy enforcement
  • Experience using and supporting Infrastructure as Code (IaC) & configuration management tools like Terraform, Cloudformation, or Ansible
  • Experience with operating or supporting security tools and platforms, including HashiCorp Vault for secrets management, Splunk for security monitoring and analytics, and CrowdStrike or similar EDR solutions for endpoint security
  • Working knowledge of web service frameworks, distributed architectures (event-driven, microservices, serverless), and their corresponding security challenges
  • Experience performing security reviews, developing and reviewing threat models, and conducting risk assessments against complex systems
Job Responsibility
Job Responsibility
  • Develop, deploy, and support self-service security tools and services that constitute the internal security platform
  • Contribute knowledge and support for security projects, including support of tool integration and implementation of new security capabilities within the platform
  • Support & improve security integrations into CI/CD pipelines (SAST, DAST, SCA, IAST, etc.) and developer workflows
  • Maintain deployment of secure multi-cloud environments (AWS, Azure, GCP) using Infrastructure as Code (e.g., Terraform, Ansible)
  • Assist with security architecture reviews of new products and features, contribute to threat models, and support adoption of security-as-code best practices
  • Work with the Site Reliability Engineering (SRE) team to maintain & respond to automated monitoring and security integrations for production systems
  • Collaborate with internal security teams to support compliance, incident response, and operational security requirements
  • Enable and support the adoption of security engineering best practices and standards across the organization
  • Evangelize the use of security platform tooling and deliver high-impact DevSecOps training and outreach to internal development & engineering teams
  • Participate members of the Security team and security advocates in advanced DevSecOps principles, platform engineering, and secure coding practices
What we offer
What we offer
  • Generous PTO Policy
  • Support work life balance with Unplugged Days
  • Flexible WFH Policy
  • Mental & Physical Wellness programs
  • Phone and Internet Reimbursement program
  • Access to Continued Career Development
  • Comprehensive Benefits and Competitive Packages
  • Paid Volunteer Time
  • Employee Resource Groups
  • Fulltime
Read More
Arrow Right

Staff Security Engineer

Bloomreach is building the world’s premier agentic platform for personalization....
Location
Location
Slovakia , Bratislava; Brno; Prague
Salary
Salary:
4000.00 EUR / Month
bloomreach.com Logo
Bloomreach
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • 6+ years of relevant experience
  • proficiency in cloud security, network security, URL filtering, common security frameworks, and CVE lifecycle management
  • practical IaC and scripting for automation
  • strong cross-functional and external communication
  • experience mentoring junior staff
  • Hands-on cloud security for AWS and GCP
  • SIEM ownership and detection engineering
  • Vulnerability and incident lifecycle ownership
  • Drive CVE lifecycle management and patching
  • Network, web, and endpoint protections
Job Responsibility
Job Responsibility
  • Owns current and target-state data architectures and reporting
  • designing, implementing, and monitoring cloud (AWS/GCP) infrastructure security controls
  • deploying, securing, configuring, and operating SIEM and other security resources
  • identifying, triaging, and remediating infrastructure and web vulnerabilities
  • leading incident triage and external-researcher engagement
  • mentoring junior staff
What we offer
What we offer
  • Restricted stock units
  • Great deal of freedom and trust
  • Flexible working hours
  • Work virtual-first with several Bloomreach Hubs
  • Company events
  • 5 paid days off to volunteer
  • People Development Program
  • Communication coach
  • Leader Development Program
  • $1,500 professional education budget
  • Fulltime
Read More
Arrow Right

Staff Security Engineer

Bloomreach is building the world’s premier agentic platform for personalization....
Location
Location
Czechia , Bratislava; Brno; Prague
Salary
Salary:
Not provided
bloomreach.com Logo
Bloomreach
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • 6+ years of relevant experience
  • proficiency in cloud security, network security, URL filtering, common security frameworks, and CVE lifecycle management
  • practical IaC and scripting for automation
  • strong cross-functional and external communication
  • experience mentoring junior staff
  • Hands-on cloud security for AWS and GCP: design secure architectures, perform threat modeling, apply platform-native controls, and build/validate secure IaC
  • SIEM ownership and detection engineering: deploy, configure, tune, and maintain SIEM
  • author and test detection rules and playbooks
  • integrate data sources
  • and operate with SLA-driven alerting and incident workflows
Job Responsibility
Job Responsibility
  • owns current and target-state data architectures and reporting
  • designing, implementing, and monitoring cloud (AWS/GCP) infrastructure security controls
  • deploying, securing, configuring, and operating SIEM and other security resources
  • identifying, triaging, and remediating infrastructure and web vulnerabilities
  • leading incident triage and external-researcher engagement
  • mentoring junior staff
What we offer
What we offer
  • A great deal of freedom and trust
  • flexible working hours
  • work virtual-first with several Bloomreach Hubs available across three continents
  • company events
  • 5 paid days off to volunteer
  • People Development Program
  • communication coach
  • Leader Development Program
  • $1,500 professional education budget
  • Employee Assistance Program
  • Fulltime
Read More
Arrow Right