Lead Security Engineer

<p><strong><span style="font-size: 10pt;">The Role</span></strong></p> <p><br><span style="font-size: 10pt;">Pipe Security's mission is to protect the firm and its users by preventing, detecting, and responding to cyber attacks. We follow philosophies such as Secure by Design, Defense in Depth, and Zero Trust networking. We are a team of software engineers and builders. We pride ourselves in first principles thinking and we are driven to become an innovation hub in the Security industry.</span></p> <p><span style="font-size: 10pt;">As a core member of the security team, you will contribute to multiple domains such as Cloud Security, Application Security, Detection &amp; Response, and Privacy. You will write code, build systems, and work cross-functionally with every team at Pipe in order to support Security's mission. You will work with our IT team to ensure that we set appropriate security standards to maintain a compliant organization, and work with our Infrastructure team to ensure that we consistently meet those standards. You will be responsible for continually monitoring and updating the team's security posture, and maintaining processes and a culture that encourages a secure mindset.</span></p> <p><strong><span style="font-size: 10pt;">Responsibilities</span></strong></p> <ul> <li><span style="font-size: 10pt;">Review and help design robust security standards and monitoring</span></li> <li><span style="font-size: 10pt;">Maintain and improve our policy-as-code platform to enable rapid detection and response</span></li> <li><span style="font-size: 10pt;">Work closely with our Infrastructure team to ensure cloud-based deployments have proper monitoring and adhere to our policies</span></li> <li><span style="font-size: 10pt;">Manage SOC II audits, set a high standard for compliant software and processes, and ensure we consistently meet those standards</span></li> <li><span style="font-size: 10pt;">Participate in on-call rotation to support critical security issues</span></li> <li><span style="font-size: 10pt;">Own the vulnerability disclosure program and triage inbound reports to security@</span></li> <li><span style="font-size: 10pt;">Run periodic tabletop exercises and incident response drills</span></li> <li><span style="font-size: 10pt;">Maintain security policies and lead recurring reviews (e.g., firewall changes, security reviews)</span></li> <li><span style="font-size: 10pt;">Lead responses to partner and customer security questionnaires</span></li> <li><span style="font-size: 10pt;">Maintain the security risk register, track remediation, and produce periodic security metrics for leadership</span></li> </ul> <p><strong><span style="font-size: 10pt;">Tech Stack</span></strong></p> <p><br><span style="font-size: 10pt;">We are committed to using the right tools for the problems we are trying to solve. We are not dogmatic, but our current stack includes:</span></p> <ul> <li><span style="font-size: 10pt;">Frontend: Typescript, React, Next.js</span></li> <li><span style="font-size: 10pt;">Backend: Go, PostgreSQL, BigQuery</span></li> <li><span style="font-size: 10pt;">Data: BigQuery, Sqlmesh, Python</span></li> <li><span style="font-size: 10pt;">Infrastructure: Kubernetes, Pulumi, Buildkite, Google Cloud Platform</span></li> <li><span style="font-size: 10pt;">Security: Panther, Wiz, Vanta</span></li> </ul> <p><span style="font-size: 10pt;">Our stack reflects the tools we've found most effective for the problems we solve. Strong candidates will have hands-on experience with most of these technologies and the technical range to pick up what's new quickly.</span></p> <p><strong><span style="font-size: 10pt;">Technical Qualifications</span></strong></p> <ul> <li><span style="font-size: 10pt;">Hands-on experience with cloud platforms (GCP preferred) and Kubernetes security</span></li> <li><span style="font-size: 10pt;">Proficiency in at least one of Go, Python, or TypeScript - enough to build and maintain internal tooling</span></li> <li><span style="font-size: 10pt;">Experience owning SOC 2 (or equivalent) compliance programs end-to-end, including evidence collection, auditor management, and remediation</span></li> <li><span style="font-size: 10pt;">Experience running incident response, including on-call, post-mortems, and tabletop exercises</span></li> <li><span style="font-size: 10pt;">Experience managing vendor risk reviews and responding to customer security questionnaires</span></li> <li><span style="font-size: 10pt;">Strong written communication - this role interfaces with auditors, customers, partners, and engineers</span></li> </ul> <p><strong><span style="font-size: 10pt;">You will be successful at Pipe if you:</span></strong></p> <ul> <li><span style="font-size: 10pt;">Want to join a remote-first startup and make a real impact</span></li> <li><span style="font-size: 10pt;">Hold yourself and your teammates to high standards</span></li> <li><span style="font-size: 10pt;">Have a strong technical foundation and use your skills to help customers succeed</span></li> <li><span style="font-size: 10pt;">Take end-to-end ownership of your work and enjoy collaborating across functions</span></li> </ul> <p><strong><span style="font-size: 10pt;">Compensation and Benefits</span></strong></p> <p><br><span style="font-size: 10pt;">We are a fully remote company and we believe in taking care of our employees. As a Pipe employee, you'll receive:</span></p> <ul> <li><span style="font-size: 10pt;">T</span><span style="font-size: 10pt;">he best equipment to help you do your job</span></li> <li><span style="font-size: 10pt;">Flexible vacation and work hours - we believe in a healthy work-life balance (really!)</span></li> <li><span style="font-size: 10pt;">Excellent health, dental, and vision insurance</span></li> <li><span style="font-size: 10pt;">Generous parental leave for anyone growing their family, regardless of gender</span></li> <li><span style="font-size: 10pt;">Great colleagues - we value a culture of authenticity, humility, and excellence</span></li> </ul> <p><span style="font-size: 10pt;">The annual US base salary range for this role is $150,000-$220,000, narrowed during the interview process based on experience, qualifications, and location.</span></p>