.jpg?1647036415){kind=logo}
Engineering at Substack
We are seeking an experienced engineer to bring security expertise to Substack’s engineering team. As Substack’s first dedicated security hire, you will lead security-oriented initiatives in collaboration with product and engineering teams at Substack. You’ll work closely with product and engineering leadership to elevate our security posture, while being a hands-on engineer who can deliver tactical projects.
Substack’s compensation package includes a market competitive salary, equity for all full time roles, and exceptional benefits. Our cash compensation salary range for this role is $180,000 - $215,000. Final offer amounts are determined by multiple factors including candidate experience and expertise and may vary from the amounts listed above.
Responsibilities
- Lead conversations around security, identify organizational needs, and be a point of escalation for security matters across multiple product and engineering teams
- Define security strategies for new infrastructure and product initiatives
- Empower secure-by-default development by product teams
- Perform structured security audits and drive remediation of risks
- Monitor Substack’s vulnerability reporting program
- Assist with code reviews to proactively identify potential vulnerabilities
- Collaborate with IT team on security operations and internal security
Requirements
- 4+ years of relevant experience with security engineering or security architecture
- Domain knowledge across cybersecurity disciplines, with a focus on application and cloud security
- Independent and autonomous. We’re too small to micromanage, and expect that every person at the company owns their work and can be a leader.
- Hold yourself and others to a high standard when working on production systems.
- Enjoy collaboration with a diverse group of stakeholders while bringing your own unique experience and background to the team.
- Based in the US or willing to relocate
Nice to have
- Familiarity with some or all of our technical stack in a production environment: Node.js, PostgreSQL, AWS
- Experience working with consumer-facing products at web scale
Substack is an equal opportunity employer. All applicants will be considered for employment without regard to race, color, religion, sex (including pregnancy, sexual orientation, gender identity or transgender status), age, national origin, veteran or disability status. We’re seeking people passionate about enabling independent expression and building a better business model for creators. If you want to see what media, communities, and content can become when unmoored from advertising models, and you have the skills and experience to contribute, we’d love to meet you.
