Lead Security Engineer

Airbyte•San Francisco, CA

3d•Onsite

About The Position

As the Security Engineering Lead at Airbyte, you will be the single-threaded owner of security, compliance, and privacy for the company, working in close partnership with engineering, product, legal, and leadership. This is a senior, hands-on role for someone excited to shape how security is built, embedded, and scaled in a growing company. You will have the autonomy to set direction and make risk-based decisions, along with strong cross-functional support to execute effectively. Your work will sit at the intersection of product, infrastructure, compliance, and go-to-market, with direct impact on customer trust, enterprise adoption, and Airbyte’s ability to scale securely.

Requirements

3+ years of security leadership experience
5–8+ years of experience in security engineering, cybersecurity, or related roles
Experience making practical, risk-based security decisions in collaboration with engineering and business partners
Working knowledge of SOC 2 Type II, ISO 27001, and security governance concepts
Hands-on familiarity with cloud security, Kubernetes, and modern CI/CD environments
Strong communication skills, with the ability to explain security concepts to both technical and non-technical audiences
Comfort balancing security, compliance, and delivery velocity in a fast-moving environment.
Familiarity with privacy programs and regulations such as GDPR and CCPA
A mindset of curiosity, continuous learning, and shared ownership

Nice To Haves

Experience evaluating or applying AI-powered tools to security use cases such as detection, triage, policy analysis, or vulnerability management

Responsibilities

Own Airbyte’s security end-to-end, spanning cloud, application, endpoint, and identity security
Set security priorities and roadmaps in alignment with business goals and engineering strategy
Serve as the primary security decision-maker, bringing sound judgment, context, and partnership to risk decisions and escalations
Lead incident detection, investigation, and response, building clear, reliable, and repeatable processes
Own and evolve Airbyte’s SOC 2 Type II and ISO 27001 programs, ensuring ongoing audit readiness and operational maturity
Partner with engineers to embed security into system design, architecture, and major platform initiatives
Enable enterprise growth by leading customer-facing security engagements, including questionnaires, ad-hoc inquiries, and security-related contractual discussions
Define and operate identity and access management, including SSO, SCIM, RBAC, and access reviews
Maintain and improve Airbyte’s privacy program, collaborating with Legal on privacy policies, DPAs, TIAs, and regulatory obligations
Drive vulnerability management across the stack, including AWS, GCP, Kubernetes, applications, and container images
Influence security culture and standards across the company as Airbyte continues to grow