company-img

STAFF SECURITY ENGINEER
Honeycomb.Io

   Location: Full-time remote

  Time: 1 month ago

Honeycomb - Staff Security Engineer

Staff Security Engineer

Distributed (US or Canada)
Engineering – Engineering /
Full-time /
Remote
What We’re Building
Honeycomb is the observability platform for teams who manage software that matters. Send any data to our one-of-a-kind data store, solve problems with all the relevant context, and fix issues before your customers find them. Honeycomb is the unified, fast, and collaborative choice for engineering teams who care about customer experience to get the answers they need, quickly. We are passionate about consumer-quality developer tools and excited to build technology that raises our industry’s expectations of what our tools can do for us. We’re working with well known companies like HelloFresh, Slack, LaunchDarkly, and Vanguard and more across a range of industries. This is an exciting time in our trajectory, as we’ve closed Series D funding, scaled past the 200-person mark, and were named to Forbes’ America’s Best Startups of 2022 and 2023!

In the Staff Security Engineer role, you’ll be a foundational member of a thoughtfully-expanding security team, helping us establish and grow a high standard of collaboration and intentional security. As an early member of the organization, you will have a stake in determining the tools our security organization relies on to do our jobs, establishing standards for engaging with our engineering and product colleagues, and defining the long-term security roadmap for Honeycomb as a product and an organization.

Who We Are
We come for the impact, and stay for the culture! We’re a talented, opinionated, passionate, fiercely inclusive, and responsible group of bees. We have conviction and we strive to live every day. We want our people to do what they truly love amongst a team of highly talented (but humble) peers.

How We Work
We are a remote-first company, which means we believe it is not where you sit, but how you deliver that matters most. We invest in our people and care about how you orient to our culture and processes. At the same time we imbue a lot of trust, autonomy, and accountability from Day 1. #LI-Remote

We can hire for this position in the United States and Canada

What You'll Do

    • Contribute to the long-term roadmap for our Security Team, while strategically providing guidance to colleagues and hands-on technical work as needed to support the development of an early-stage security program 
    • Collaborate with Product and Engineering partners to define when security reviews are necessary, perform security reviews accordingly, and assist in the development of vulnerability remediation strategies as needed
    • Partner with colleagues throughout the organization to determine which tools the Security Team needs to work effectively, and implement those tools accordingly
    • Act as a force multiplier through working with engineers to develop threat modeling skills to maintain a high standard of autonomy and within the engineering organization without sacrificing security basics 
    • Help maintain a culture of partnership, autonomy, sustainability, and iterative improvement
    • Partner with Engineering, Product, and IT organizations in our cloud-native environment to promote and develop a more secure production service
    • Contribute code to our internal applications and services to address classes of vulnerabilities to evolve our codebases toward secure coding practices
    • Respond to information security issues in each layer of our tech stack, in every stage of the software development lifecycle
    • Engage with the security community at large to learn about and bring innovative best practice to our Security and Engineering organizations

What You'll Bring

    • Interdisciplinary experience within the security field. You have a strength in application security, but are comfortable working a security incident when needed. You have worked as a full-stack engineer writing code, reviewing pull requests, and supporting vulnerability remediation efforts. You also have an idea of what kinds of detections are important in an early-stage security organization, how to build them, and what information you’ll need to investigate them.
    • Experience scaling to Enterprise customers. You understand the security expectations of Enterprise customers. We know these customers have more expansive demands, and you’re comfortable helping prioritize maturity initiatives within a security program to help us rise to the challenge.
    • Comfort with adjusting expectations. You know it’s important to have a planned roadmap, and know it will be disrupted when something goes wrong. You understand how to balance planned security initiatives against the interruptions of vulnerability disclosures and security incidents, and you’re comfortable rebalancing as needed to ensure urgent issues are remediated while keeping your priorities in sight. Plans can change, but when you adjust a delivery plan, you know how to focus on the must-haves, and deliver on what’s truly essential.
    • A strong sense of teamwork and a willingness to build. You have worked on teams requiring collaboration with cross-functional partners, such as product managers and other engineers, and you understand that your colleagues are not adversaries. You recognize that scalable security is dependent on reducing knowledge silos and leveling up members of the teams around you. You also enjoy pair programming and helping others when they are stuck.
    • Ability to balance security concerns with delivering value. It’s easy to get caught up in trying to build a perfectly secure solution and lose the context of the value you are delivering. You have experience revisiting scope and working in small iterations to deliver value to our customers quickly.

What You Get When You Join the Hive

    • Base pay (range) of  $210,000 - $235,000 USD
    • A stake in our success - generous equity with employee-friendly stock program
    • It’s not about how strong of a negotiator you are - our pay is based on transparent levels relative to experience
    • Time to Recharge - In addition to our Unlimited PTO policy, we have a company wide break at the end of the year
    • A remote-first mindset and culture (really!)
    • Home office, co-working, and internet stipend
    • 100% employee/75% for dependents coverage for all benefits 
    • Up to 16 weeks of paid parental leave, regardless of path to parenthood
    • Annual development allowance 
    • And much more...
Please note we cannot currently sponsor or do visa transfers at this time.

Diversity & Accommodations:
We're building a diverse and inclusive workplace where we learn from each other, and welcome nontraditional candidates, and people of all backgrounds, experiences, abilities and perspectives. You don't need to be a millennial to join us. All gens are welcome! Further, we (of course) follow federal and state disability laws and are happy to provide reasonable accommodations during the application phase, interview process, and employment. Please email to discuss accessible formats or accommodations. As an equal opportunity employer our hiring process is ; if we can do better - we want to know!