You9ll be the force multiplier for a security team that needs to operate like it9s three times its size. There are secrets to migrate to Vault, detection rules to write, SAST/DAST pipelines to tune, lifecycle workflows to automate, and security tooling to integrate across every surface. This is not a DevOps role with a security label. You9ll build the automation layer that makes a lean security team operate at multiples of its size - writing the pipelines, integrations, and tooling that eliminate manual work and accelerate every security function. We use AI heavily in our own security work. You should be comfortable building alongside AI code-gen tools, using LLMs to accelerate development, and treating automation as the default answer to any repeatable process. If you see a manual workflow and immediately think about how to script it, you9ll fit in here. We9re in-person five days a week at our SF headquarters, with first Fridays remote. What You9ll Build: 3 Secrets migration pipelines - moving application secrets into HashiCorp Vault with zero downtime 3 Security orchestration and automated response (SOAR) workflows - connecting alerts from Panther SIEM, SentinelOne EDR, and Wiz CSPM into automated investigation and response playbooks 3 SAST/DAST pipeline tuning - reducing false positives, integrating findings into developer workflows, and building feedback loops that improve signal over time 3 Identity lifecycle automation - onboarding/offboarding workflows that provision and deprovision access across 53+ SaaS applications via Okta 3 Detection-as-code pipelines - version-controlled detection rules that deploy through CI/CD, with testing and validation built in 3 Security metrics and reporting dashboards - automated collection of KPIs that give leadership visibility without manual spreadsheet work What We9re Looking For 3 You9ve built automation that a security team relies on daily - not just proof-of-concept scripts 3 Strong software engineering skills in Python, TypeScript, or Go - you write production-quality code with tests, error handling, and documentation 3 Experience with CI/CD systems (GitHub Actions, CircleCI, or similar) - you9ve built pipelines, not just used them 3 Familiarity with secrets management (HashiCorp Vault, AWS Secrets Manager) - migration, rotation, and dynamic credential patterns 3 Experience integrating security tools via APIs - SIEMs, EDR, CSPM, identity providers, ticketing systems 3 You understand detection engineering well enough to write and tune rules, even if it9s not your primary focus 3 5+ years of professional experience in security engineering, security automation, DevSecOps, or software engineering with a security focus Bonus Points 3 Experience with SOAR platforms or building custom orchestration workflows 3 Familiarity with infrastructure-as-code (Terraform, CloudFormation) and GitOps patterns 3 Experience automating compliance evidence collection (SOC 2, ISO 27001) 3 You9ve built integrations between identity providers (Okta, Azure AD) and downstream systems 3 Background in detection engineering - writing Sigma rules, Panther detections, or similar 3 You9ve measured and demonstrated the ROI of security automation in a previous role Benefits 3 Equity ownership in a high-growth, profitable company 3 Relocation support to San Francisco, NYC, or London as needed 3 Housing support near our SF office 3 Daily meal stipend 3 Premium fitness membership at Equinox 3 Comprehensive health insurance