Key skills
TypeScriptGoAIGCPTerraformKubernetesSaaS
About this role
Sourcegraph is a company at the forefront of transforming how software is built, providing a powerful code intelligence platform. The Security Engineer will join the security team to enhance product security, manage security operations, and respond to incidents, ensuring the safety of the codebase and customer deployments.
Responsibilities:
- Be onboarded to our alerting and monitoring stack
- Participate in on-call rotations
- Discover, fix, and mitigate infrastructure vulnerabilities by updating libraries, base images, and analyzing containers
- Maintain internal systems, such as automations that assist in alert triaging
- Work with other teams to triage, troubleshoot, and mitigate customer concerns and questions about our security
- Enhance our application security with audits, best practices, code fixes, and continuous education
- Perform reactive incident response if a security event occurs
- Perform proactive research to detect new attack vectors
- Perform threat modeling for existing and future applications
- Assess and integrate new tools and technologies to improve our operational efficiencies
- Help maintain compliance with SOC 2, ISO 27001 & GDPR standards
Requirements:
- Practical experience reviewing SIEM alerts and participating in on-call rotations
- Practical experience securing SaaS applications as a security generalist, including infrastructure security, application security, and/or compliance
- Experience with Go, including writing and maintaining internal tooling along with code reviews
- Experience with Elastic stack and GCP
- Experience using and automating a wide range of defensive security tools
- Experience working across engineering teams to secure projects across the organization
- You are high agency
- You communicate effectively in writing and documentation
- Experience developing software as an engineer (i.e., writing code and contributing directly to applications)
- Experience working in a startup environment
- Experience with TypeScript and Terraform
- Experience with Kubernetes
- Experience securing AI products