Role summary

Platform Security Engineer

Requirements and responsibilities

Role content extracted into sections for faster review.

What you’ll be working on

  • Designing and implementing authentication and authorization for a large, graph-based database (hundreds of thousands of nodes)

  • Building and evolving secure OAuth-based AuthN/AuthZ flows, including token handling, permission models, and enforcement

  • Making concrete improvements to production security posture

  • Auditing, understanding, and improving data flows and data-privacy controls, ensuring sensitive data does not end up where it shouldn’t

  • Acting as a security and privacy gatekeeper in reviews — asking hard questions and requiring changes when needed

  • Improving and maintaining supply-chain security, including SAST, SCA, container scanning, and CI/CD hardening

What success looks like

  • Shipped meaningful, production-level security improvements

  • Taken ownership of parts of the AuthN/AuthZ model and implementation

  • Developed a solid mental model of our data flows and privacy risks

  • Earned trust across teams as someone who can say “this is not okay” — and explain why, with facts

  • Reduced risk in practical ways, not through security theatre

How you’ll work

  • You will collaborate closely with engineers across the company, not operate as a silo.

  • Disagreement is normal — decisions should be backed by reasoning, data, and threat modeling, not ego.

  • Blocking a release on security or privacy grounds is possible when warranted, with clear escalation paths.

  • If you see a problem, even outside your direct domain, you are expected to help fix it.

Required

  • Strong proficiency in Python (our primary language)

  • Deep understanding of authentication and authorization concepts, including OAuth, JWTs, permission models, and secure token handling

  • Experience designing and securing non-trivial data systems

  • Ability to reason about risk, trade-offs, and real-world constraints

  • A track record of shipping real security improvements, not just writing policy

Strongly preferred

  • Experience with graph databases, ideally Neo4j or similar

  • Experience with CI/CD and supply-chain security (SAST, SCA, container scanning, pipeline hardening)

  • Experience with Go or Rust

  • Some familiarity with frontend or React (not required, but useful for end-to-end thinking)

What this role is not

  • Not a policy-only or advisory role

  • Not a role with pre-defined, perfectly scoped tasks

  • Not about chasing tools without understanding the problems they solve

  • Not security theatre

Focus: Platform Security (role area)
Seniority signal: Senior (candidate level)
Stack: CI/CD, Python, React (main skills)
Location: 2 countries accepted (eligibility)
