Job summary

Platform Security Engineer

Requirements and responsibilities

What you’ll be working on

  • Designing and implementing authentication and authorization for a large, graph-based database (hundreds of thousands of nodes)

  • Building and evolving secure OAuth-based AuthN/AuthZ flows, including token handling, permission models, and enforcement

  • Making concrete improvements to production security posture

  • Auditing, understanding, and improving data flows and data-privacy controls, ensuring sensitive data does not end up where it shouldn’t

  • Acting as a security and privacy gatekeeper in reviews — asking hard questions and requiring changes when needed

  • Improving and maintaining supply-chain security, including SAST, SCA, container scanning, and CI/CD hardening

What success looks like

  • Shipped meaningful, production-level security improvements

  • Taken ownership of parts of the AuthN/AuthZ model and implementation

  • Developed a solid mental model of our data flows and privacy risks

  • Earned trust across teams as someone who can say “this is not okay” — and explain why, with facts

  • Reduced risk in practical ways, not through security theatre

How you’ll work

  • You will collaborate closely with engineers across the company, not operate as a silo.

  • Disagreement is normal — decisions should be backed by reasoning, data, and threat modeling, not ego.

  • Blocking a release on security or privacy grounds is possible when warranted, with clear escalation paths.

  • If you see a problem, even outside your direct domain, you are expected to help fix it.

Required

  • Strong proficiency in Python (our primary language)

  • Deep understanding of authentication and authorization concepts, including OAuth, JWTs, permission models, and secure token handling

  • Experience designing and securing non-trivial data systems

  • Ability to reason about risk, trade-offs, and real-world constraints

  • A track record of shipping real security improvements, not just writing policy

Strongly preferred

  • Experience with graph databases, ideally Neo4j or similar

  • Experience with CI/CD and supply-chain security (SAST, SCA, container scanning, pipeline hardening)

  • Experience with Go or Rust

  • Some familiarity with frontend or React (not required, but useful for end-to-end thinking)

What this role is not

  • Not a policy-only or advisory role

  • Not a role with pre-defined, perfectly scoped tasks

  • Not about chasing tools without understanding the problems they solve

  • Not security theatre

  • Focus (job area): Platform Security
  • Seniority signal (candidate level): Senior
  • Stack (main skills): CI/CD, Python, React
  • Location (eligibility): 2 countries accepted
