PlanetScaleRemote
Software Engineer - Information Security
United States of America
Full Time
2 days ago
$140,000 - $320,000 USD
H1B Sponsor Likely
Key skills
Security engineeringApplication securityGoPythonJavaC++Cloud securityAWSGCPAzureDatabase securityEncryptionAccess controlsSOC 2PCI DSSThreat modelingSecurity architectureSecure coding practicesKubernetes securityContainer securityCloud security posture managementSecurity monitoringIncident responseVulnerability managementCISSPCISMCEHCKubernetesCloud Security
About this role
PlanetScale is a rapidly growing company reinventing the database space. They are seeking a Software Engineer: Information Security to design and implement security controls for their cloud-native database platform, collaborate on security reviews, and enhance their security posture through proactive measures.
Responsibilities:
- You will design and implement security controls for PlanetScale's cloud-native database platform, protecting millions of queries per second for some of the world's largest applications
- You will collaborate with engineering teams to conduct security reviews, threat modeling, and provide secure coding guidance across our distributed systems
- A special focus for this role is on proactive red teaming and testing - you will consistently try to break into the PlanetScale platform as an attacker would, and help patch what you find
- You will evaluate, procure, and implement proactive security tools and technologies to strengthen our security posture
- You will work closely with our compliance team to ensure adherence to SOC 2, PCI DSS, and other security frameworks
- You will build security automation and tooling to scale security practices across the engineering organization
- You will respond to security incidents and conduct post-incident reviews to improve our security resilience
Requirements:
- 5+ years of software engineering experience with a focus on security engineering or application security
- Strong proficiency in Go, with experience in other languages like Python, Java, or C++
- Experience securing cloud-native applications and infrastructure (AWS, GCP, Azure)
- Knowledge of database security, encryption, and access controls
- Experience with security frameworks and compliance requirements (SOC 2, PCI DSS)
- Understanding of threat modeling, security architecture, and secure coding practices
- Experience with database internals, distributed systems security, or infrastructure security
- Background in security tool evaluation, implementation, and automation
- Experience with Kubernetes security, container security, and cloud security posture management
- Knowledge of security monitoring, incident response, and vulnerability management
- Previous experience at a high-growth technology company or in a security engineering role
- Relevant security certifications (CISSP, CISM, CEH, etc.)