Banner Image
  • Location

    San Francisco, California

  • Job title:

    Staff Software Engineer, Security

  • Sector:


  • Job type:

    Direct Hire

  • Job ref:


You will be the first security expert working with and facilitating the squad, and thereby all of Engineering to support our security initiatives! 

Day-to-day responsibilities

  • Work on our nascent Infrastructure Squad composed of  DevOps / SREs to plan, implement, maintain, and enhance current cloud monitoring and incident response processes and toolsets.
  • Analyze security systems and seek improvements on a continual basis
  • Propose and contribute to proactive security automations aimed at reduction in manual remediation work
  • Establish and maintain security processes tied to critical security and compliance controls
  • Develop best practices and security standards for the organization
  • Help improve our detection capabilities through engineering projects and tooling improvements
  • Foster good security hygiene across all of our squads through risk analysis and prioritized remediation recommendations 
  • Be our reference expert for vulnerability identification, validation, and remediation.
  • Set up and maintain our schedules for penetration testing and planning towards security certifications.


  • Expertise in Endpoint Protection Platforms, intrusion detection, firewalls, and content filtering.
  • Knowledge of risk assessment tools, technologies, and methods.
  • Expertise in designing secure networks, systems, and application architectures.
  • Disaster recovery, computer forensic tools, technologies, and methods.
  • Planning, researching, and developing security policies, standards, and procedures at a business-wide level.
  • Google Cloud (cloud platform as a service (PaaS)) security.
  • Automating security testing tools.
  • Experience with offensive security tools

The best parts of this job

  • You’ll be at the cutting edge of website development — working on one of the fastest-growing site building frameworks on the market. 
  • You’ll feel a deep sense of ownership. This role will play a key part in shaping our future as we securely scale. We’ll require your expertise about how to improve our infrastructure as our resident expert.
  • An incredible squad to learn from and mentor. From domain experts to talented early-career developers, the Gatsby team is a team that you will be challenged by, and that you will challenge.
  • Challenging technical problems. These include scaling, container orchestration, and running untrusted code at scale. These challenging engineering endeavors and problems are complex, but rewarding and oh-so-energizing.

The worst parts of this job

  • Shifting context. You may necessarily have to shift context, whether it’s due to shifting priorities, a customer opportunity, or the identification of a vulnerability.
  • We’re a really distributed team. The Infrastructure squad, in particular, has contributors from the Pacific time zone to the India standard time zone. We’re passionate about remote work, and strive to create sustainable work schedules for everyone, but this sometimes results in longer feedback loops and the requirement to base communication on written artifacts.
  • We don’t know what we don’t know.  You will be leaned on to suggest improvements to our security practices and paradigms that we acknowledge are in their early stages, all under the pressure that a bad actor could compromise us as we are learning.




A Human Approach to Staffing

Our Company is committed to the principles of equal employment. We are committed to complying with all federal, state, and local laws providing equal employment opportunities, and all other employment laws and regulations. It is our intent to maintain a work environment which is free of harassment, discrimination, or retaliation because of sex, gender, race, religion, color, national origin, physical or mental disability, genetic information, marital status, age, sexual orientation, gender identity, military service, veteran status, or any other status protected by federal, state, or local laws. The Company is dedicated to the fulfillment of this policy in regard to all aspects of employment, including but not limited to recruiting, hiring, placement, transfer, training, promotion, rates of pay, and other compensation, termination, and all other terms, conditions, and privileges of employment.