Role overview

Platform Security Engineer

Requirements and responsibilities

What you’ll be working on

  • Designing and implementing authentication and authorization for a large, graph-based database (hundreds of thousands of nodes)

  • Building and evolving secure OAuth-based AuthN/AuthZ flows, including token handling, permission models, and enforcement

  • Making concrete improvements to production security posture

  • Auditing, understanding, and improving data flows and data-privacy controls, ensuring sensitive data does not end up where it shouldn’t

  • Acting as a security and privacy gatekeeper in reviews — asking hard questions and requiring changes when needed

  • Improving and maintaining supply-chain security, including SAST, SCA, container scanning, and CI/CD hardening

What success looks like

  • Shipped meaningful, production-level security improvements

  • Taken ownership of parts of the AuthN/AuthZ model and implementation

  • Developed a solid mental model of our data flows and privacy risks

  • Earned trust across teams as someone who can say “this is not okay” — and explain why, with facts

  • Reduced risk in practical ways, not through security theatre

How you’ll work

  • You will collaborate closely with engineers across the company, not operate as a silo.

  • Disagreement is normal — decisions should be backed by reasoning, data, and threat modeling, not ego.

  • Blocking a release on security or privacy grounds is possible when warranted, with clear escalation paths.

  • If you see a problem, even outside your direct domain, you are expected to help fix it.

Required

  • Strong proficiency in Python (our primary language)

  • Deep understanding of authentication and authorization concepts, including OAuth, JWTs, permission models, and secure token handling

  • Experience designing and securing non-trivial data systems

  • Ability to reason about risk, trade-offs, and real-world constraints

  • A track record of shipping real security improvements, not just writing policy

Strongly preferred

  • Experience with graph databases, ideally Neo4j or similar

  • Experience with CI/CD and supply-chain security (SAST, SCA, container scanning, pipeline hardening)

  • Experience with Go or Rust

  • Some familiarity with frontend or React (not required, but useful for end-to-end thinking)

What this role is not

  • Not a policy-only or advisory role

  • Not a role with pre-defined, perfectly scoped tasks

  • Not about chasing tools without understanding the problems they solve

  • Not security theatre

Role summary

  • Focus (role area): Platform Security

  • Seniority signal (candidate level): Senior

  • Stack (primary skills): CI/CD, Python, React

  • Location (eligibility): 2 accepted countries
