On the radar — not actively interviewing. This role sits on our 12-month hiring roadmap rather than today's pipeline. Submit the talent pool form to be considered when we begin interviews.

Security Engineer

On the radar · talent pool only · Remote · Full-time / Contractor · Focus region: Anywhere

About the role

As we move into enterprise customer contracts (SOC 2, ISO 27001) and add regulated payment surfaces, we expect to bring on a dedicated security engineer who owns the security program end-to-end: threat modeling, dependency scanning, secrets management, audit response. This role sits between platform and compliance — half engineering, half evidence-collection for auditors.

What you'll do

  • Lead the SOC 2 Type II readiness program: control mapping, evidence collection, auditor coordination.
  • Own the secrets management story (HashiCorp Vault / AWS Secrets Manager) and the rotation policy for API keys, JWT signing keys, and database credentials.
  • Run threat modeling on new features and review high-risk PRs (auth, payments, carrier integrations) before merge.

What we expect

  • 4+ years in security engineering at a SaaS company, including direct experience driving SOC 2 or ISO 27001 audit cycles.
  • Working knowledge of OWASP Top 10, web application security, and modern auth patterns (OAuth 2.1, JWT, mTLS).
  • Comfort writing remediation code in Go and TypeScript — this is an engineering role, not a GRC role.

Stack we use

Snyk / Dependabot for dependency scanning, Gitleaks for secrets, OWASP ZAP for periodic dynamic scans, AWS Secrets Manager or HashiCorp Vault for secrets at rest, Cloudflare WAF + Bot Management at the edge.

Compensation

On the radar. Compensation is calibrated to local cost of living when we open this role — we publish bands when we begin interviewing, not before. USD-denominated regardless of jurisdiction, contractor or employment depending on your legal situation.

Hiring process

  1. Not actively interviewing right now — this role sits on our 12-month hiring roadmap rather than today's pipeline.
  2. Submit the talent pool form below; we reach out when we begin interviews, typically 4-8 weeks before a public hire.
  3. When the role opens, expect a process similar to our current active openings: a short async exercise, 1-2 conversations with the relevant team, and a scoped paid trial project. We do not run leetcode-style screens.

Join the talent pool

Submit the form below to be considered when this role opens. We typically reach out 4-8 weeks before we begin interviews.

Email careers@dogesms.com →