Senior Platform Engineer I (Security)
Overview:
We are hiring a Senior Platform Engineer to lead security tooling and enablement within Platform Engineering for our global SaaS environment. This role focuses on building the platforms, automation, and guardrails that help engineering teams adopt security requirements in practical, scalable ways across the software development lifecycle.
You will work at the intersection of Security, Platform Engineering, and development teams. In our model, the Security team defines policies, standards, and best practices, and Platform Engineering enables and enforces them through engineering solutions. This is a senior individual contributor role for an engineer who can lead proofs of concept, drive initiatives with limited guidance, and turn complex problems into clear, executable solutions.
What you will do:
- Lead security tooling across application security, dependency and supply chain security, artifact and container security, cloud security posture, and policy-driven workflows
- Build, integrate, and operate tools such as GitHub Advanced Security, JFrog Xray, Prisma, Black Duck, Checkmarx, and similar platforms
- Design automation for vulnerability detection, dependency hygiene, patch planning, remediation tracking, and governed security workflows
- Partner with Security and Engineering to turn defined policies and best practices into practical controls, delivery pipeline guardrails, and developer-friendly workflows
- Improve the developer experience of security tooling by reducing noise, improving remediation clarity, and helping teams move faster without weakening security controls
- Drive security-focused initiatives and OKR efforts by defining technical approaches, breaking down work, and leading execution
- Support the ongoing health and improvement of security tooling, including internally built or AI-assisted security automation where appropriate
- Work with operational teams to support secure adoption of AI-enabled engineering tools and build controls around their use where needed
What we are looking for:
- 5+ years of experience in security engineering, platform engineering, development operations, site reliability engineering, or software engineering in production environments
- Strong programming or scripting skills in Go, Python, Bash, or similar languages
- Hands-on experience with security tooling and practices across areas such as code scanning, dynamic testing, software composition analysis, secret scanning, container or image scanning, artifact security, cloud security posture management, and policy enforcement
- Experience with or exposure to tools such as GitHub Advanced Security, JFrog Xray, Prisma, Black Duck, Checkmarx, Dependabot, Renovate, or similar security and dependency management platforms
- Strong understanding of vulnerability management, dependency management, and security controls within software delivery and developer workflows
- Familiarity with Kubernetes, containers, cloud platforms, Git-based workflows, and infrastructure as code concepts
- Ability to lead technical initiatives, run proofs of concept, and deliver solutions from ambiguous requirements
- Strong collaboration and communication skills, with the ability to translate security needs into practical engineering solutions
AI Skills/Knowledge:
- Experience using AI-assisted tools to improve engineering productivity, security workflows, and developer experience
- Familiarity with AI-assisted coding tools such as GitHub Copilot or Cursor for work such as code review, documentation, and test generation
- Experience applying AI to security use cases such as log analysis, threat investigation, remediation support, or security documentation
- Familiarity with large language model APIs, agent-based workflows, or internally built AI tooling, along with the ability to evaluate and enable these tools responsibly within engineering environments
- Understanding of security considerations for AI tools, including data leakage, prompt injection, shadow AI, and compliance with enterprise AI policies
Preferred Skills:
- Exposure to compliance-driven environments such as SOC 2 or similar frameworks
- Experience supporting AI-assisted or internally built security automation
- Familiarity with modern software delivery environments where security tooling must balance risk reduction with engineering velocity
#LI-SR1