Join our companies in their quest to drive powerful, positive, change that endures.

Security Engineer

Substack

Substack

Software Engineering
Remote
Posted on Tuesday, January 23, 2024

Engineering at Substack

We are seeking an experienced engineer to bring security expertise to Substack’s engineering team. As Substack’s first dedicated security hire, you will lead security-oriented initiatives in collaboration with product and engineering teams at Substack. You’ll work closely with product and engineering leadership to elevate our security posture, while being a hands-on engineer who can deliver tactical projects.

Substack’s compensation package includes a market competitive salary, equity for all full time roles, and exceptional benefits. Our cash compensation salary range for this role is $180,000 - $215,000. Final offer amounts are determined by multiple factors including candidate experience and expertise and may vary from the amounts listed above.

Responsibilities

  • Lead conversations around security, identify organizational needs, and be a point of escalation for security matters across multiple product and engineering teams
  • Define security strategies for new infrastructure and product initiatives
  • Empower secure-by-default development by product teams
  • Perform structured security audits and drive remediation of risks
  • Monitor Substack’s vulnerability reporting program
  • Assist with code reviews to proactively identify potential vulnerabilities
  • Collaborate with IT team on security operations and internal security

Requirements

  • 4+ years of relevant experience with security engineering or security architecture
  • Domain knowledge across cybersecurity disciplines, with a focus on application and cloud security
  • Independent and autonomous. We’re too small to micromanage, and expect that every person at the company owns their work and can be a leader.
  • Hold yourself and others to a high standard when working on production systems.
  • Enjoy collaboration with a diverse group of stakeholders while bringing your own unique experience and background to the team.

Nice to have

  • Familiarity with some or all of our technical stack in a production environment: Node.js, PostgreSQL, AWS
  • Experience working with consumer-facing products at web scale

Substack is an equal opportunity employer. All applicants will be considered for employment without regard to race, color, religion, sex (including pregnancy, sexual orientation, gender identity or transgender status), age, national origin, veteran or disability status. We’re seeking people passionate about enabling independent expression and building a better business model for creators. If you want to see what media, communities, and content can become when unmoored from advertising models, and you have the skills and experience to contribute, we’d love to meet you.