Job details

Security Engineer

Get a free resume review

Remote - North America or Europe

At EngFlow, we help developers save time by accelerating software builds and tests. Our cloud-based, distributed service optimizes workflows through remote execution and caching, improving efficiency, developer productivity, and product quality.

Backed by top investors, EngFlow is redefining how companies build and ship well-tested software. Our solutions speed up builds by a factor of 10 or more, while our observability platform provides actionable insights for optimization. Founded by key contributors to Bazel, we build tools that empower engineering teams—from startups to Fortune 500 companies—to enhance developer velocity and improve build performance.

Learn more about our mission, culture, and team: EngFlow | Video

As a Security Engineer, you will report to the Head of Product Engineering, with a dotted line to the CTO. You will work closely with business and technical teams to ensure our systems remain secure, meet SOC 2 compliance, and address security concerns from prospects and customers. You thrive in a fast-paced environment, proactively tackling challenges and ensuring security remains a top priority as we scale.

Key Responsibilities

Define and enforce security best practices across EngFlow’s infrastructure.
Manage security audits, including SOC 2 / FedRAMP compliance.
Oversee penetration testing with external vendors.
Implement and maintain intrusion detection, vulnerability management, and cloud security controls.
Collaborate with engineering teams to enhance supply chain security.
Own and update the Information Security Management System (ISMS) and related documentation.
Address security reviews, questionnaires, and compliance inquiries from customers.
Participate in an on-call rotation to support escalated security issues.

Strong analytical skills and passion for security optimization.

Advanced knowledge of supply chain security and cloud security.

Experience managing SOC 2 / FedRAMP audits and penetration tests.

Expertise in intrusion detection, vulnerability tracking, and management.

Familiarity with at least one build system (Bazel, CMake, Maven, Gradle, Nix, Buck, etc.).

Experience in DevOps, DevInfra, Linux, and Unix shell.

Hands-on experience with at least one cloud provider (AWS, Azure, GCP, OpenShift, Oracle Cloud). Terraform experience is a plus.

We offer comprehensive medical, dental, vision benefits, 401k bonus, parental leave and generous vacation. The team is fully remote but we enjoy meeting together several times a year at exciting destinations throughout the world. We value getting the work done and having fun while doing it, and have done numerous fun team events such as chocolate, whisky and tea tastings, monthly team games, escape the room among other fun events.

Average salary estimate

$125000 / YEARLY (est.)

min

max

$100000K

$150000K

If an employer mentions a salary or salary range on their job, we display it as an "Employer Estimate". If a job has no salary data, Rise displays an estimate if available.

What You Should Know About Security Engineer, EngFlow Inc.

At EngFlow, we’re on a mission to empower developers to enhance their workflows by automating and speeding up software builds and tests. As a Security Engineer, you will play a pivotal role in our dynamic, remote team, where you’ll help ensure our systems remain secure while meeting SOC 2 compliance standards. You’ll be reporting directly to the Head of Product Engineering, and collaborating closely with the CTO as well as various business and technical teams. Your responsibilities will range from defining and enforcing robust security practices to managing security audits, including FedRAMP compliance. You’ll work with external vendors on penetration testing and oversee vulnerability management efforts. By engaging with engineering teams, you will enhance supply chain security, all while maintaining our Information Security Management System (ISMS). Your analytical skills and passion for security optimization will shine as you address customer security reviews and compliance inquiries. In our fast-paced environment at EngFlow, we value proactive approaches to challenges while keeping security at the forefront as we continue to scale. With competitive benefits and a fully remote team culture, including exciting team events, EngFlow is not just about productivity but also about having fun while getting the job done. Join us on this amazing journey where you can make a significant impact in the software development landscape while growing in your career!

Frequently Asked Questions (FAQs) for Security Engineer Role at EngFlow Inc.

What are the responsibilities of a Security Engineer at EngFlow?

The Security Engineer at EngFlow is responsible for defining and enforcing security best practices, managing security audits such as SOC 2 and FedRAMP, overseeing penetration testing, and implementing intrusion detection and vulnerability management measures. It’s a multifaceted role that demands collaboration with engineering teams to enhance supply chain security and maintaining the Information Security Management System (ISMS). Additionally, the engineer addresses customer security inquiries and participates in an on-call rotation.