Staff Platform Security Engineer - Office of the CISO

About The Position

Requirements

• A person who is excited about working at an industry-leading cybersecurity startup company with enterprise security needs.
• At least 8 years of security engineering experience
• Proficient in software engineering with emphasis on the Python programming language at a minimum
• Proficient in Terraform Infrastructure-as-Code
• Proficient in securing Kubernetes
• Proficient in securing AWS and GCP environments
• Proficient in securing the GitLab platform
• Proficient in security automation
• Excellent understanding of multiple security domains, such as protection, detection, response, application security, vulnerability management, or threat intelligence
• Be obsessive about security while doing everything possible to support the overall mission.
• Experience working with multiple internal and external stakeholders during incident lifecycles
• Experience communicating across a company to encourage and educate on best practices, standards, and policies

Responsibilities

• Security Architecture and Technical Leadership Design and drive a holistic Platform Security strategy aligned with business risk posture and compliance requirements.
• Collaborate with IT, GRC, DevOps, and Engineering teams to build secure and privacy-by-default product hosting platforms.
• Define and implement secure patterns for cloud-native architectures (e.g., containers, serverless, IaC).
• Create automation workflows for security incident detection and response across environments.
• Establish continuous compliance pipelines for standards like SOC 2, ISO 27001, FedRAMP, or HIPAA.
• Lead security architecture reviews, threat modeling sessions, and secure coding workshops.
• Mentor more junior security engineers and influence cross-functional teams through technical thought leadership.
• Ensuring the Obsidian product is built and deployed to a high-security standard Ensure that application code, images, dependencies, and infrastructure are scanned for vulnerabilities and that vulnerabilities are remediated in a risk-informed and timely manner.
• Embed security controls into build and deployment pipelines (GitLab CI).
• Mature vulnerability scanning (SAST, DAST, SCA) and integrate results into feedback loops for security and engineering teams.
• Develop and enforce guardrails and policy-as-code (OPA) to prevent misconfigurations and policy drift.
• Ensure that CI/CD infrastructure and other critical infrastructures and systems are hardened according to security best practices and standards, and monitored for security threats.
• Harden Kubernetes clusters, container runtimes, and cloud environments (AWS/GCP) using security standards and best practices.
• Lead implementation of infrastructure as code (Terraform), security validation, and drift detection.
• Drive zero-trust principles in service-to-service communication and access control.
• Support product penetration testing and corporate red teaming exercises.
• Ensuring Obsidian assets are managed to a high-security standard Implement security tooling, automation, and orchestration as needed for detection, response, reporting, and vulnerability management capabilities.
• Ensure that security tooling is maintained, optimized, and consistently deployed across the Obsidian install base.
• Develop security threat detection rules and analytics within Obsidian security tooling systems and drive posture security maturity.
• Support security program continuity and resiliency by maturing security documentation, processes, and runbooks.
• Build playbooks for recurring security events and operations.

Benefits

• Be part of a team-first, low-ego, mission-focused culture.
• Provide opportunities for professional development.
• Provide opportunities to make high-impact contributions to security.
• Influence the Obsidian product development.
• Annual conference attendance budget
• Competitive salary, equity, and health benefits
• Opportunity to publish research, share non-proprietary code, and present at conferences
• Reserve your seat on our rocket ship!
• We are funded by Greylock Partners, Google Ventures, Menlo Ventures, WingVC, Norwest Venture Partners, and are growing fast.
• This role is a game-changer and is about securing our company and product as we provide cutting-edge capabilities to help organizations increase their security.
• Our competitive benefits packages are designed to support our employees' well-being, both at work and at home.
• Our US based employees enjoy:
• Competitive compensation with equity and 401k
• Comprehensive healthcare with dental and vision coverage
• Flexible paid time off and paid holiday time off
• 12 weeks of new parent or family leave
• Personal and professional development resources
• For more details on our US benefits, or for information on our international benefits, please see here .
• Please note that the base pay range is a guideline and for candidates who receive an offer, the base pay will vary based on factors such as work location, as well as the knowledge, skills and experience of the candidate.
• In addition to a competitive base salary, this position is eligible for equity awards and may be eligible for sales commission or incentive compensation based on the role or function within the company.
• At Obsidian, we are proud to be an equal-opportunity employer. We value diversity and hire for talent, passion, and compassion.
• In compliance with federal law, all persons hired will be required to submit satisfactory proof of identity and legal authorization.
• If you have a need that requires accommodation, please contact [email protected]
• Information collected and processed as part of any job applications you choose to submit is subject to Obsidian’s Applicant Privacy Policy .