Security Engineer, Application and Product

About The Position

Requirements

• 7+ years of experience in security engineering, software engineering, or infrastructure security roles, with a strong understanding of secure system design and architecture.
• Deep knowledge of software supply chain security, including build system hardening, artifact signing, dependency management, and vulnerability scanning.
• Hands-on experience implementing "shift-left" security practices, integrating security into CI/CD, IaC, and developer workflows.
• Familiarity with incident response, threat modeling, and risk assessment processes, especially in fast-moving engineering environments.
• Proficiency in at least one systems language (C, C++, Go, or Rust) and one scripting language (Python, Bash, or similar).
• Strong collaboration skills, with the ability to work closely with developers, IT, and leadership to embed security into everyday operations.
• Excellent written and verbal communication skills, you can explain complex security issues clearly to both technical and non-technical audiences.
• Curiosity and creativity for solving complex problems, and a pragmatic, engineering-driven approach to building secure systems that empower innovation.
• Strongly identifies with our core company cultural values.

Responsibilities

• Define the strategy, metrics, and implementation plan for a successful security program that measurably improves Modular's security maturity while supporting development velocity and business objectives.
• Analyze and strengthen the security of Modular's software, infrastructure, and supply chain to prevent, detect, and respond to attacks.
• Stay up to date with the latest threats, vulnerabilities, and countermeasures across application, infrastructure, and supply chain security.
• Build and automate "shift-left" security practices within the software development lifecycle to help teams deliver secure code faster.
• Conduct risk assessments on third-party vendors, services, and software dependencies to identify and mitigate potential vulnerabilities.
• Develop and implement security policies and procedures for evaluating new technologies, software acquisitions, and integrations.
• Collaborate with engineering, IT, and procurement teams to ensure secure deployment and sourcing practices.
• Monitor for and investigate security incidents, coordinating response, containment, and remediation across teams.
• Educate and train staff on security best practices, awareness, and secure development principles.
• Contribute to the creation and maintenance of disaster recovery and business continuity plans to ensure resilience.

Benefits

• Amazing Team. We are a progressive and agile team with some of the industry's best engineering and product leaders.
• World-class Benefits. In order to attract the best, we need to offer the best. Premier insurance plans, up to 5% 401k matching, flexible paid time off, and more are available to you! Please note that specific benefit packages may vary based on your location.
• Competitive Compensation. We offer very strong compensation packages, including stock options. We want people to be focused on their best work and believe in tailoring compensation plans to meet the needs of our workforce.
• Team Building Events. We organize regular team onsites and local meetups in Los Altos, CA as well as different cities. Traveling 2-4 times a year is expected for all roles.