Staff Platform Security Engineer

Описание вакансии

From Fivetran’s founding until now, our mission has remained the same: to make access to data as simple and reliable as electricity. With Fivetran, customer data arrives in their warehouses, canonical and ready to query, with no engineering or maintenance required. We’re proud that more organizations continue to leverage our technology every day to become truly data-driven.

About the Role

Fivetran is building data pipelines to power the modern data stack for thousands of companies.

We’re looking for a Staff Platform Security Engineer to enhance the security of our cloud-native and hybrid infrastructure. This individual contributor (IC) role is hands-on and execution-focused, requiring expertise in application security, cloud security, and DevSecOps. You will work closely with engineering teams to integrate security into the development lifecycle, automate security processes, and ensure resilience against emerging threats.

This is a full-time position based out of our Oakland, CA office. Our hybrid work model offers a blend of remote flexibility and in-person collaboration, including two days in the office each week to connect and build as a team

What You’ll Do

• Collaborate with engineering teams to integrate and manage security tooling within the SDLC, strategically automating security checks and feedback loops to enhance efficiency and security posture
• Perform vulnerability scanning and participate in penetration testing exercises, automating scanning processes judiciously to identify common weaknesses, while reserving manual efforts for complex and nuanced assessments. Report findings and assist with remediation efforts.
• Develop and maintain automation scripts and infrastructure-as-code for security checks related to machine configurations, container images, IAM policies, firewall rules, and cloud storage policies.
• Implement and configure security controls within enterprise applications based on security best practices and architectural guidance.
• Contribute to threat modeling efforts by providing technical insights and implementing identified security controls.
• Work directly with engineering teams to troubleshoot and resolve security challenges across the stack while promoting a security-first mindset, identifying and automating recurring troubleshooting steps or remediation processes where it significantly improves response times and reduces manual intervention.
• Implement and operationalize security solutions for cloud-native and hybrid infrastructure based on architectural guidelines.
• Collaborate with infrastructure and cloud security teams to implement and maintain security controls across the entire technology stack, strategically prioritizing automation for consistent enforcement, monitoring, and alerting to improve overall security and reduce manual overhead.
• Implement and manage security assessment tools, including vulnerability scanners, SIEM agents, DLP endpoints, and EDR sensors.
• Participate in security assessment reviews by providing practical implementation feedback and identifying potential operational challenges.
• Develop and maintain scripts and tools to automate security monitoring and alerting.
• Stay up to date with cybersecurity threats and trends, applying this knowledge to improve implemented security controls and operational processes.

Skills We’re Looking For

• Application Security Expertise: Deep expertise in identifying and mitigating security vulnerabilities within applications (e.g., OWASP Top 10), particularly in Java codebases.
• Secure SDLC: Extensive experience integrating security into the software development lifecycle, from design and code review to testing and deployment.
• Java Proficiency: Senior-level experience with Java codebases: building, running, profiling, and optimizing Java applications in secure environments.
• Container Security: Strong experience with Docker image creation, optimization, and vulnerability mitigation, specifically for applications.
• CI/CD & Automation: Proficiency with CI/CD tools (e.g., Jenkins, GitLab CI, GitHub Actions) and experience integrating security tools into automated pipelines.
• Tooling Familiarity: Familiarity with a range of security tools for CI/CD security, static analysis (SAST), dynamic analysis (DAST), dependency analysis (SCA), and secrets management.
• Adversarial AI & Defense: Familiarity with modern attack techniques, offensive security methodologies, and defense strategies, including OWASP Top 10 for LLMs (e.g., Prompt Injection, Data Poisoning, and Model Inversion).
• Scripting: Proficiency in scripting or programming languages (e.g., Bash, Python, Go) to automate security processes and tool integration.
• Problem-Solving: Excellent problem-solving and troubleshooting skills, with the ability to work independently in fast-paced environments.
• Communication: Strong communication skills with the ability to effectively collaborate with and educate engineering teams on security principles and best practices.
• Curiosity & Urgency: Demonstrates strong curiosity, a sense of urgency, and a hands-on approach to diving deep into complex technical problems to drive timely and effective solutions.

#LI-HYBRID #LI-AM1

The compensation range displayed on this job posting reflects the minimum and maximum target for new hire compensation for the target position and level, and may include sales incentives or target bonuses depending on the role.  Our compensation ranges are determined by role, level, and location. Our job titles may span more than one career level. Within the range, individual compensation is determined by additional factors, including job-related skills, experience, relevant education or training, business need, market demands. The compensation range is subject to change and may be modified in the future. Your recruiter can share more about the specific compensation range for your location during the hiring process.

Oakland Pay Range

$196,033—$245,041.50 USD

Perks and Benefits

• 100% employer-paid medical insurance\*
• Generous paid time-off policy (PTO), plus paid sick time, inclusive parental leave policy, holidays, and volunteer days off
• RSU stock grants\*
• Professional development and training opportunities
• Company virtual happy hours, free food, and fun team-building activities
• Monthly cell phone stipend
• Access to an innovative mental health support platform that offers personalized care and resources in areas such as: therapy, coaching, and self-guided mindfulness exercises for all covered employees and their covered dependents.

*\May vary by country and worker type - please reach out to your recruiter for more information

Click here to learn more about Fivetran's Benefits by Region.

We’re honored to be valued at over $5.6 billion, but more importantly, we’re proud of our core values of Get Stuck In, Do the Right Thing, and One Team, One Dream. Read about us in Forbes.

Fivetran brings together high-quality talent across the globe to make data access as easy and reliable as electricity for our customers. We value and recognize that our customers benefit from having innovative teams made of people from many backgrounds, experiences, and identities. Fivetran promotes diversity, equity, inclusion & belonging through attracting, recruiting, developing, and retaining a diverse workforce, not only because it is the right thing to do, but because it helps us build a world-class company to better serve our customers, our people and our communities.

To learn more about Fivetran’s culture and what it’s like to be part of the team, click here and enjoy our video.

To learn more about our candidate privacy policy, you can read our statement here.

We are committed to ensuring that all candidates have an equal opportunity to participate in our interview process. If you require accommodations at any stage of the process due to a disability, medical condition, or any other circumstance, please don't hesitate to submit your request by filling out this form. We will work with you to provide reasonable accommodations to facilitate your participation and ensure a fair and accessible interview experience. Your request and any information provided will be kept confidential and will not impact your candidacy. We look forward to hearing from you and accommodating your needs to the best of our ability.