Senior Staff Security Engineer

Posted 2 Days Ago
Be an Early Applicant
San Francisco, CA
Senior level
Software
The Role
The Senior Staff Security Engineer will build a security-minded culture within the software development lifecycle, collaborating with engineering teams for security oversight, conducting code reviews, and implementing security features in cloud infrastructure. Responsibilities include mentoring junior engineers, enhancing detection and response capabilities, and ensuring regulatory compliance.
Summary Generated by Built In

Amplitude is a leading digital analytics platform that helps companies unlock the power of their products. More than 3,500 customers, including Atlassian, Jersey Mike’s, NBCUniversal, Shopify, and Under Armour, rely on Amplitude to gain self-service visibility into the entire customer journey. Amplitude guides companies every step of the way as they capture data they can trust, uncover clear insights about customer behavior, and take faster action. When teams understand how people are using their products, they can deliver better product experiences that drive growth. 

As an organization, we approach challenges with humility, take ownership of our contributions, and embrace a growth mindset that pushes us to constantly improve ourselves, each other, and the value we bring to customers and partners.

Amplitude’s Commitment to Diversity Equity & Inclusion (DEI): Amplitude believes that diversity enables the creation of better products, improves the ability to solve complex problems, and drives more powerful solutions. We strive to create an environment of inclusion—one focused on psychological safety, empathy, and human connection—that will allow employees of all backgrounds to thrive.

About the Role:

As a Senior Staff Security Engineer, you will play a key role in building a security-minded culture within our software development lifecycle (SDLC). You’ll work with product engineering teams to provide security oversight, review code, and influence architectural decisions that allow us to meet enterprise-grade security expectations. In this role, technical expertise is essential, but equally important are collaboration, patience, and a strong sense of ownership. You won’t just identify issues—you'll be expected to go above and beyond by sometimes submitting pull requests (PRs) to fix security issues directly in other developers’ codebases. Your ability to communicate effectively, build trust, and drive results in a fast-paced environment will be key to success.


Key Responsibilities:

  • Collaborate closely with product engineering teams to assess design and implementation risks and influence secure development practices.
  • Conduct in-depth code reviews and security assessments, identifying issues and providing recommendations—and sometimes fixes—directly in codebases.
  • Develop automation and tooling to embed security within our CI/CD pipelines.
  • Lead the design and implementation of security features in the cloud infrastructure, particularly on AWS.
  • Mentor junior engineers and foster security awareness across the company.
  • Assist in building out detection and response capabilities, with a focus on reducing security risks and responding to threats in a timely manner.
  • Contribute to the improvement of existing security tools and processes or build new ones where gaps exist.
  • Participate in cross-functional collaboration with the cloud platform and DevOps teams to ensure the security of our infrastructure and cloud environments.
  • Support regulatory compliance efforts (SOC2, ISO, etc.), ensuring security controls are met.


What We’re Looking For:

  • 8+ years of experience in security engineering, with a focus on secure software development.
  • Strong background in cloud security (AWS), including IAM, VPC, and security monitoring tools.
  • A history of using cloud-native tools like Kubernetes to “shift left” in order to build security into the foundations of the develop/build/release process.
  • Expertise in modern development practices and languages (e.g., Python, Java, Typescript).
  • Experience building security into CI/CD pipelines (security as code, infrastructure as code).
  • Experience automating security tasks using scripting languages (Python, Bash, etc.).
  • Strong communication skills, especially in conveying security risks to non-security stakeholders, and the ability to navigate high-pressure environments.
  • Proven ability to influence and drive security initiatives in an organization while fostering a culture of collaboration and mutual respect.
  • Willingness to go beyond traditional responsibilities to help fix issues directly when needed.

By applying for this job, you acknowledge that Amplitude processes your personal data in accordance with the Amplitude Applicant Privacy Notice.

Staying Safe - Protect Yourself From Recruitment Fraud
We are aware of individuals and entities fraudulently representing themselves as Amplitude recruiters and/or hiring managers. Amplitude will never ask for financial information or payment, or for personal information such as bank account number or social security number during the job application or interview process. Any emails from the Amplitude recruiting team will come from an @amplitude.com email address. You can learn more about how to protect yourself from these types of fraud by referring to this article. Please exercise caution and cease communications if something feels suspicious about your interactions.

Top Skills

AWS
Kubernetes
The Company
New York, NY
505 Employees
On-site Workplace
Year Founded: 2012

What We Do

Amplitude is the Digital Optimization System. Powered by the proprietary Amplitude Behavioral Graph, the Digital Optimization System enables organizations to see and predict which combination of features and actions translate to business outcomes – from loyalty to lifetime value – and intelligently adapt each experience in real-time based on these insights. Amplitude is the brain behind more than 45,000 digital products at over 1,000 enterprise customers and 23 of the Fortune 100, helping them innovate faster and smarter by answering the strategic question: "How do our digital products drive our business?"

Similar Jobs

Crusoe Energy Systems Logo Crusoe Energy Systems

Senior/Staff Security Engineer

Cloud • Greentech • Other • Energy
Hybrid
San Francisco, CA, USA
450 Employees
180K-225K Annually

Roblox Logo Roblox

Senior Application Security Engineer

Computer Vision • Gaming • Software • Virtual Reality • Web3 • Metaverse
San Mateo, CA, USA
2500 Employees
241K-313K Annually

Benchling Logo Benchling

Security Engineer

Cloud • Healthtech • Social Impact • Software • Biotech
Hybrid
San Francisco, CA, USA
697 Employees

Block Logo Block

Senior Security Engineer, Bitcoin Platform

Blockchain • eCommerce • Fintech • Payments • Software • Financial Services • Cryptocurrency
Hybrid
8 Locations
12000 Employees
168K-297K Annually

Similar Companies Hiring

Halter Thumbnail
Software • Machine Learning • Internet of Things • Hardware • Greentech • Business Intelligence • Agriculture
Auckland City, NZ
150 Employees
TrainingPeaks (A Peaksware Company) Thumbnail
Software • Fitness
Louisville, CO
69 Employees
Jobba Trade Technologies, Inc. Thumbnail
Software • Professional Services • Productivity • Information Technology • Cloud
Chicago, IL
45 Employees

Sign up now Access later

Create Free Account

Please log in or sign up to report this job.

Create Free Account