About the Role:

We are seeking a Staff 2 Security Platform Engineer to architect, build, and operate security services that are core to the company’s cloud infrastructure and product platforms. This is a hybrid engineering role, blending deep software development expertise with hands-on operational excellence.
You will design highly scalable security services (authentication, authorization, identity, secrets management, policy enforcement, security telemetry pipelines, etc.), while also ensuring these systems are reliable, observable, and resilient in production. You’ll work across engineering, security, compliance, and platform orgs to deliver secure-by-default building blocks that empower product teams to integrate security seamlessly.

What You Will Do:

• Architect, design, and develop security platform services with a strong focus on scalability, security, and developer experience.

• Lead operational design for reliability: build comprehensive observability, monitoring, and incident response automation into security-critical services.

• Build automation and tooling to drive self-healing systems, proactive risk detection, failure recovery, and continuous resilience testing.

• Collaborate with compliance, governance, and risk teams to translate regulatory and policy requirements into scalable technical controls.

• Lead technical design reviews, security architecture reviews, and incident postmortems for platform-level incidents.

• Mentor engineers across multiple disciplines on both security and operational best practices.

• Own end-to-end delivery of services: from initial design and development through deployment, production hardening, and lifecycle maintenance.

What You Will Bring:

• 10+ years of experience in software engineering, SRE, or security engineering roles, with significant experience operating security platform services.

• Strong backend software development experience (Go, Java, Rust, Python).

• Expertise with distributed systems, cloud infrastructure (AWS, GCP, Azure), Kubernetes, service mesh, and container orchestration.

• Strong understanding of security domains: IAM, OAuth2, OIDC, PKI, secrets management, policy engines, audit pipelines, zero trust architecture.

• Experience building highly reliable, observable, and resilient production systems.

• Operational expertise: SLOs, SLIs, error budgets, on-call leadership, incident management.

• Strong collaboration skills to drive alignment across engineering, security, and compliance stakeholders.

• Excellent communication skills with ability to influence technical and business leaders.

What Gives You an Edge:

• Experience with SPIFFE/SPIRE, OPA/Gatekeeper, Envoy, Istio, and workload identity management.

• Exposure to security compliance frameworks (FedRAMP).

• Experience leading cross-org security platform architecture initiatives.