Overview

Engineering at Substack

We are seeking an experienced engineer to bring security expertise to Substack’s fast growing engineering team. In this role, you will lead security-oriented engineering initiatives and be responsible for key deliverables while collaborating with all product and engineering teams at Substack. You will work closely with product and engineering leadership to create strategic security initiatives that elevate our security posture; while also being a hands-on engineer that can deliver tactical security projects. This position can be based in San Francisco or remote across North America or Canada.

Responsibilities

  • Guide conversations around security and be a point of escalation for security matters across multiple product and engineering teams
  • Be able to demonstrate software development experience
  • Identify technology and organizational needs for security throughout the company
  • Define security strategies for new infrastructure initiatives
  • Empower secure-by-default development by shipping libraries and frameworks that address classes of vulnerabilities at scale
  • Perform structured security risk assessment to identify and prioritize issues, and be willing to lead and implement solutions
  • Participate in on-call rotation for infrastructure security issues
  • Assist with code reviews to proactively identify potential vulnerabilities, and follow-up with tooling to prevent future vulnerabilities

Requirements

  • 6+ years of relevant experience with security engineering or security architecture
  • Excellent written and verbal communication skills.
  • Ability to prioritize tasks and take thoughtful action when making decisions
  • Enjoy collaboration with a diverse group of thinkers while bringing our own unique experience and background to the team.

Substack is an equal opportunity employer. All applicants will be considered for employment without regard to race, color, religion, sex (including pregnancy, sexual orientation, gender identity or transgender status), age, national origin, veteran or disability status. We’re seeking people passionate about enabling independent expression and building a better business model for creators. If you want to see what media, communities, and content can become when unmoored from advertising models, and you have the skills and experience to contribute, we’d love to meet you.