Jobs · himalayas
Lead Security Engineer
Solstice Analytics · Canada, Mexico, United States · Posted 11d ago
About the role
Contribute to cloud and application security, ensuring compliance and monitoring.
The Role Solstice Analytics Security's mission is to protect the firm and its users by preventing, detecting, and responding to cyber attacks. We follow philosophies such as Secure by Design, Defense in Depth, and Zero Trust networking. We are a team of software engineers and builders. We pride ourselves in first principles thinking and we are driven to become an innovation hub in the Security industry. As a core member of the security team, you will contribute to multiple domains such as Cloud Security, Application Security, Detection & Response, and Privacy. You will write code, build systems, and work cross-functionally with every team at Solstice Analytics in order to support Security's mission. You will work with our IT team to ensure that we set appropriate security standards to maintain a compliant organization, and work with our Infrastructure team to ensure that we consistently meet those standards. You will be responsible for continually monitoring and updating the team's security posture, and maintaining processes and a culture that encourages a secure mindset. Responsibilities Review and help design robust security standards and monitoring Maintain and improve our policy-as-code platform to enable rapid detection and response Work closely with our Infrastructure team to ensure cloud-based deployments have proper monitoring and adhere to our policies Manage SOC II audits, set a high standard for compliant software and processes, and ensure we consistently meet those standards Participate in on-call rotation to support critical security issues Own the vulnerability disclosure program and triage inbound reports to security@ Run periodic tabletop exercises and incident response drills Maintain security policies and lead recurring reviews (e.g., firewall changes, security reviews) Lead responses to partner and customer security questionnaires Maintain the security risk register, track remediation, and produce periodic security metrics for leadership Tech Stack We are committed to using the right tools for the problems we are trying to solve. We are not dogmatic, but our current stack includes: Frontend: Typescript, React, Next.js Backend: Go, PostgreSQL, BigQuery Data: BigQuery, Sqlmesh, Python Infrastructure: Kubernetes, Pulumi, Buildkite, Google Cloud Platform Security: Panther, Wiz, Vanta Our stack reflects the tools we've found most effective for the problems we solve. Strong candidates will have hands-on experience with most of these technologies and the technical range to pick up what's new quickly. Technical Qualifications Hands-on experience with cloud platforms (GCP preferred) and Kubernetes security Proficiency in at least one of Go, Python, or TypeScript - enough to build and maintain internal tooling Experience owning SOC 2 (or equivalent) compliance programs end-to-end, including evidence collection, auditor management, and remediation Experience running incident response, including on-call, post-mortems, and tabletop exercises Experience managing vendor risk reviews and responding to customer security questionnaires Strong written communication - this role interfaces with auditors, customers, partners, and engineers You will be successful at Solstice Analytics if you: Want to join a remote-first startup and make a real impact Hold yourself and your teammates to high standards Have a strong technical foundation and use your skills to help customers succeed Take end-to-end ownership of your work and enjoy collaborating across functions Compensation and Benefits We are a fully remote company and we believe in taking care of our employees. As a Solstice Analytics employee, you'll receive: The best equipment to help you do your job Flexible vacation and work hours - we believe in a healthy work-life balance (really!) Excellent health, dental, and vision insurance Generous parental leave for anyone growing their family, regardless of gender Great colleagues - we value a culture of authenticity, humility, and excellence The annual US base salary range for this role is $150,000-$220,000, narrowed during the interview process based on experience, qualifications, and location. Originally posted on Himalayas
Read the full posting on himalayas →
FAQ
Is the Lead Security Engineer role at Solstice Analytics remote?+
This Lead Security Engineer position is listed as remote (Canada, Mexico, United States).
What is the salary for the Lead Security Engineer role at Solstice Analytics?+
The listing states Estimated 100k-231k USD.
What seniority level is this Lead Security Engineer role?+
This is a senior level position.
How do I apply for the Lead Security Engineer role at Solstice Analytics?+
Use the "Apply on himalayas" button to open the original posting on himalayas, where you can submit your application directly to Solstice Analytics.