Senior Security Engineer

About the Role:

• Champion DevSecOps best practices by designing and implementing security controls directly into our CI/CD pipelines (e.g., GitLab CI).
• Lead and automate application and infrastructure security assessments, including threat modeling and code review.
• Partner with developers and SREs to identify, remediate, and prevent vulnerabilities through secure design and practical guidance.
• Design, build, and maintain secure architecture patterns for containerized, cloud-native, and distributed workloads.
• Develop and maintain automated security tooling, such as container image scanning, IaC validation, and policy-as-code.
• Collaborate on automated security tooling for container image scanning, IaC validation, and RBAC compliance.
• Support incident response workflows, including detection, forensics, root cause analysis, and post-mortems.
• Provide technical mentorship and real-time enablement to help teams adopt a “secure-by-default” mindset.
• Contribute to internal security tools and automation using Python, Go, or other modern languages.
• Continuously improve how we measure and scale security across our SRE and infrastructure platforms.

Must Haves:

• Deep experience with cloud security in AWS, Azure, or GCP environments.
• Strong knowledge of container and Kubernetes security in production environments.
• Proficiency in at least one modern programming language (e.g., Python, Go, C++).
• Hands-on experience with zero-trust architecture, service mesh, and software-defined networking.
• Solid understanding of DevSecOps pipelines, IaC tools, and secure build processes.
• Hands-on experience with vulnerability scanning, SAST/DAST tools, and automated security testing.


• Proven success in fast-paced, highly collaborative environments, ideally at a startup or scale-up.
• Comfortable working closely with developers and SREs in an enablement-first security culture.
• Clear, concise communication and documentation skills.
• Ability to thrive in a multicultural, globally distributed engineering team.

Nice to Haves:

• Practical experience with policy-as-code (OPA, Sentinel, etc.).
• Understanding of software-defined networking and security policy enforcement in mesh environments.
• Familiarity with modern SRE practices, observability, and resilience engineering.
• Contributions to open-source security tools or frameworks.
• Interest or experience in space operations or aerospace systems.

Some of Our Awesome Benefits:

• 100% company-paid medical, dental, and vision insurance option for employees and dependents
• Flexible Spending (FSA) and Health Savings (HSA) Accounts offered with an employer contribution to the HSA
• 100% employer paid Life, AD&D, Short-Term, and Long-Term Disability insurance
• Flexible Time Off policy for vacation and sick leave, and 12 paid holidays
• 401(k) plan and equity options
• Daily catered lunches and snacks in office
• International exposure to our team in France
• Fully paid parental leave; 14 weeks for birthing parent and 10 weeks for non-birthing parent
• Carrot Fertility provides comprehensive, inclusive fertility healthcare and family-forming benefits with financial support
• Off-sites and many social events and celebrations
• Relocation assistance when applicable