Senior (Application) Security Engineer
To see similar active jobs please follow this link: Remote Development jobs
This is a remote position. We are looking for candidates in EMEA (UK, Spain, Sweden or Germany) and Eastern US time zones.
There are more than 700,000 active installations of Grafana around the globe, monitoring everything from beehives to climate change in the Alps. The instantly recognizable dashboards have been spotted everywhere from a SpaceX launch and Minecraft HQ to Wimbledon and the Tour de France. Grafana Labs also helps companies including Bloomberg, JPMorgan Chase, and eBay manage their observability strategies with full-stack offerings that can be run fully managed with Grafana Cloud, or self-managed with Grafana Enterprise Stack. The Grafana stack has grown to include two other open-source projects, Grafana Loki (for logs) and Grafana Tempo (for traces).
Grafana and the LGTM stack continue to be highly successful open-source projects and on-premise products, with over a million instances of our application running in the wild. Grafana is also the main frontend for Grafana Cloud where users can visualize their telemetry data as well as use our opinionated solutions for easier troubleshooting of both their infrastructure and their applications.
Role
The Security team advances Grafana’s overall security posture by building technologies, tools, and processes to enable engineering squads to better develop secure software, protect customer data, deploy systems with appropriate security controls and securely operate a remote workforce.
The Senior Security Engineer will collaborate with teams in engineering, security, information technology and other stakeholders to embed secure coding principles throughout the whole SDLC. You will also work closely within the security engineering team to further improve internal tools used to enforce Grafana Labs overall security posture.
Ideally, you would be familiar with operating in a cloud-native, remote organisation. This is an opportunity to help implement a security strategy and embed a security first culture to the teams. You will get to work on implementing and automating security testing tools, manage security and design reviews, both black and white box testing.
This is an individual contributor role reporting to the Senior Manager of Security Engineering.
Key responsibilities
A successful candidate in this role would be able to:
Design, build and maintain security products.
Develop integrations, tooling and automation for internal use that enable the Security Engineering team to operate at high speed and wide scale.
Review and propose improvements to solutions as part of design and code review processes
Automate and monitor key performance indicators and metrics for application security health.
Coordinate threat modeling activities
Support Grafana Labs’ Bug Bounty programs
Define a project plan and own metrics and key performance indicators to determine the effectiveness of your work delivery.
Create effective frameworks for internal and external security assessments
Analyse and implement well-known frameworks for secure SDLC
What you’ll bring to the role
This role would be a good fit for you if you:
Are comfortable working in a remote-first company and understand the importance of adapting and contextualising communication.
Enjoy learning, growing, and supporting others to do the same.
Have experience as an Application Security Engineer and feel comfortable working with Go, SQL, Python, React and/or Typescript. We are happy to consider candidates with other backgrounds and experience.
Enjoy transforming ideas into working code – you can design a solution, get feedback, and write a prototype yourself or collaborate closely with other engineers, product managers.
Have experience operating or supporting AWS/GCP/Azure and containerised environments (e.g., AWS ECS, Docker, k8s)
Enjoy working on complex solutions – Grafana is a highly technical solution with avid followers who rely on it every day and care deeply about their workflows.
Enjoy working as a team. For us, working together means being collaborative, friendly, kind, and respectful.
Have an interest in Grafana’s stack and a desire to contribute to our open-source foundations - We love dogfooding and giving back!
Are able to communicate clearly in written and spoken English.
Can create impact in a pragmatic, structured and simple way.
Education
BS/MS degree in engineering, computer science, or information security, or equivalent experience.
CISSP, OSCP, CKA/CKS or developer certifications are a plus.
In the United Kingdom, the Base compensation range for this role is GBP 101,000 - GBP 121,000. Actual compensation may vary based on level, experience, and skillset as assessed in the interview process. Benefits include equity, bonus (if applicable) and other benefits listed here.
*Compensation ranges are country-specific. If you are applying for this role from a different location than listed above, your recruiter will discuss your specific market’s defined pay range & benefits at the beginning of the process.
Senior (Application) Security Engineer
To see similar active jobs please follow this link: Remote Development jobs
This is a remote position. We are looking for candidates in EMEA (UK, Spain, Sweden or Germany) and Eastern US time zones.
There are more than 700,000 active installations of Grafana around the globe, monitoring everything from beehives to climate change in the Alps. The instantly recognizable dashboards have been spotted everywhere from a SpaceX launch and Minecraft HQ to Wimbledon and the Tour de France. Grafana Labs also helps companies including Bloomberg, JPMorgan Chase, and eBay manage their observability strategies with full-stack offerings that can be run fully managed with Grafana Cloud, or self-managed with Grafana Enterprise Stack. The Grafana stack has grown to include two other open-source projects, Grafana Loki (for logs) and Grafana Tempo (for traces).
Grafana and the LGTM stack continue to be highly successful open-source projects and on-premise products, with over a million instances of our application running in the wild. Grafana is also the main frontend for Grafana Cloud where users can visualize their telemetry data as well as use our opinionated solutions for easier troubleshooting of both their infrastructure and their applications.
Role
The Security team advances Grafana’s overall security posture by building technologies, tools, and processes to enable engineering squads to better develop secure software, protect customer data, deploy systems with appropriate security controls and securely operate a remote workforce.
The Senior Security Engineer will collaborate with teams in engineering, security, information technology and other stakeholders to embed secure coding principles throughout the whole SDLC. You will also work closely within the security engineering team to further improve internal tools used to enforce Grafana Labs overall security posture.
Ideally, you would be familiar with operating in a cloud-native, remote organisation. This is an opportunity to help implement a security strategy and embed a security first culture to the teams. You will get to work on implementing and automating security testing tools, manage security and design reviews, both black and white box testing.
This is an individual contributor role reporting to the Senior Manager of Security Engineering.
Key responsibilities
A successful candidate in this role would be able to:
Design, build and maintain security products.
Develop integrations, tooling and automation for internal use that enable the Security Engineering team to operate at high speed and wide scale.
Review and propose improvements to solutions as part of design and code review processes
Automate and monitor key performance indicators and metrics for application security health.
Coordinate threat modeling activities
Support Grafana Labs’ Bug Bounty programs
Define a project plan and own metrics and key performance indicators to determine the effectiveness of your work delivery.
Create effective frameworks for internal and external security assessments
Analyse and implement well-known frameworks for secure SDLC
What you’ll bring to the role
This role would be a good fit for you if you:
Are comfortable working in a remote-first company and understand the importance of adapting and contextualising communication.
Enjoy learning, growing, and supporting others to do the same.
Have experience as an Application Security Engineer and feel comfortable working with Go, SQL, Python, React and/or Typescript. We are happy to consider candidates with other backgrounds and experience.
Enjoy transforming ideas into working code – you can design a solution, get feedback, and write a prototype yourself or collaborate closely with other engineers, product managers.
Have experience operating or supporting AWS/GCP/Azure and containerised environments (e.g., AWS ECS, Docker, k8s)
Enjoy working on complex solutions – Grafana is a highly technical solution with avid followers who rely on it every day and care deeply about their workflows.
Enjoy working as a team. For us, working together means being collaborative, friendly, kind, and respectful.
Have an interest in Grafana’s stack and a desire to contribute to our open-source foundations - We love dogfooding and giving back!
Are able to communicate clearly in written and spoken English.
Can create impact in a pragmatic, structured and simple way.
Education
BS/MS degree in engineering, computer science, or information security, or equivalent experience.
CISSP, OSCP, CKA/CKS or developer certifications are a plus.
In the United Kingdom, the Base compensation range for this role is GBP 101,000 - GBP 121,000. Actual compensation may vary based on level, experience, and skillset as assessed in the interview process. Benefits include equity, bonus (if applicable) and other benefits listed here.
*Compensation ranges are country-specific. If you are applying for this role from a different location than listed above, your recruiter will discuss your specific market’s defined pay range & benefits at the beginning of the process.