NetBox Labs

Senior Security Engineer at NetBox Labs

NetBox Labs New York, NY

Job Description

Security Engineer (DevSecOps)

Role Overview

NetBox Labs is seeking a Senior Security Engineer with a strong DevSecOps mindset to lead the technical backbone of our security program - bringing together automation, infrastructure security, and proactive threat detection. This hands-on role will architect and operate systems that secure our code, cloud, supply chain, and collaboration environments, driving visibility, resilience, and trust across everything we build.

Reporting to the CTO within the IT/Infosec organization, this role serves as the technical counterpart to the IT/Infosec Manager.

You'll work closely with our engineering leadership (Directors and Principals) to embed security practices into development and operations workflows - helping teams build, deploy, and maintain secure systems without being directly involved in product building. You'll design and automate identity and access systems, manage integrations across key platforms, and lead the operation of company logging, detection, and data protection systems - including SIEM, DLP, and audit pipelines - to ensure visibility, resilience, and fast incident response.

Responsibilities

Enable and guide teams to adopt DevSecOps practices, ensuring security is built into CI/CD and infrastructure pipelines through shared standards, tooling, and best practices.

Work with IT Manager on company identity and access management: IdP configuration, user/group organization, and automation via cross-platform synchronization and SAML.

Administer and automate GitHub Enterprise and JFrog management (users, teams, org policies, and compliance) using IaC.

Operate and tune SIEM, DLP, and centralized logging systems; define and maintain detection and alerting rules.

Review audit logs and security telemetry across cloud, SaaS, and developer systems for anomalies and compliance issues.

Work with IT Manager to build automated onboarding/offboarding and access reviews aligned with least-privilege principles.

Collaborate with platform, product, and engineering teams to design secure-by-default workflows, infrastructure, and deployment practices, ensuring consistent security controls across products.

Conduct risk assessments, tabletop exercises, and threat simulations in concert with engineering and operations teams, ensuring security readiness is collaborative and integrated.

Lead and coordinate penetration testing efforts, including scoping, vendor engagement, and remediation tracking.

Support SOC 2 and related compliance efforts through control validation and evidence collection.

Help respond to and complete customer and vendor security questionnaires, collaborating with compliance and engineering teams to ensure accurate and timely answers.

Requirements

5 years in security, IT, DevSecOps, or platform engineering roles.

Deep understanding of identity management, SSO, and federation (Google Workspace, Okta, Auth0, OIDC/SAML).

Experience managing and automating users, groups, org policies, and compliance controls on systems like AWS, GCP, GitHub Enterprise, and JFrog.

Experience implementing and improving software supply chain security, including integrating security into CI/CD pipelines (e.g. GitHub Actions).

Experience managing SIEM/DLP platforms (e.g. Datadog, Splunk) and writing detection rules.

Strong automation skills (Python, Go) and proficiency with infrastructure-as-code (Terraform).

Familiarity with SOC 2 and security frameworks (NIST, CIS, OWASP).

Excellent communication and documentation skills.

Nice to Have

Experience integrating audit logs and SaaS data sources into SIEM/DLP pipelines.

Knowledge of secure AWS architecture and best practices for identity, networking, and workload protection.

Background in threat detection engineering or security observability.

Open-source or community security contributions.

Experience with AI-assisted security tools (Copilot, ChatGPT, Cursor).

Our culture and values:

We own and solve problems with high attention to detail.

Our open source contributors, users, customers & team are all part of our community. When our community wins, we win.

We prioritize simplicity and think twice before adding complexity.

Clear communication helps keep our team aligned and collaborating smoothly.

About NetBox Labs:

NetBox Labs helps companies build and manage complex networks. We help customers accelerate network automation by delivering open, composable products and supporting the network automation community.

NetBox Labs is the commercial steward of open source NetBox, the world's most popular network source of truth, and Orb, the next-generation open source network observability platform. Our products include NetBox Enterprise, a fully supported, self-managed NetBox with advanced features, and NetBox Cloud, a secure, scalable, and reliable SaaS edition of NetBox.

NetBox powers thousands of companies, and NetBox Labs is backed by investment from Notable Capital (formerly GGV), Grafana Labs CEO Raj Dutt, Flybridge, IBM, Salesforce Ventures, and Mango Capital.

Required Experience: Senior IC

Key Skills: Car Driving, Access, CFA, Excel, Irrigation, Marine Services

Employment Type: Full-Time

Department / Functional Area: Engineering

Experience: years

Vacancy: 1

Monthly Salary: 180 - 190
