Security Engineer (DevSecOps)
Join NetBox Labs as a Senior Security Engineer and be a key player in shaping our security landscape! We're looking for a passionate and experienced professional with a strong DevSecOps mindset to lead the charge in building and maintaining a robust security program. This isn't just about ticking boxes; it's about creating a culture of security and trust across our entire organization.
As the technical backbone of our security initiatives, you'll be responsible for architecting and operating systems that protect our code, cloud infrastructure, supply chain, and collaboration environments. You'll be the driving force behind enhancing visibility, resilience, and trust in everything we do.
Reporting directly to the CTO within the IT/Infosec organization, you'll serve as the technical counterpart to the IT/Infosec Manager, collaborating closely with engineering leadership (Directors and Principals) to seamlessly integrate security practices into development and operations workflows. You'll empower teams to build, deploy, and maintain secure systems while focusing on the big picture.
Ready to make a real impact? You'll design and automate identity and access systems, manage integrations across key platforms, and spearhead the operation of critical company logging, detection, and data protection systems – including SIEM, DLP, and audit pipelines – ensuring rapid incident response and comprehensive visibility.
Responsibilities
Champion and guide teams in adopting DevSecOps practices, embedding security into CI/CD and infrastructure pipelines through shared standards, tooling, and best practices.
Collaborate with the IT Manager on identity and access management, including IdP configuration, user/group organization, and cross-platform synchronization and SAML automation.
Administer and automate GitHub Enterprise and JFrog management (users, teams, org policies, and compliance) using Infrastructure as Code (IaC).
Operate and fine-tune SIEM, DLP, and centralized logging systems; define and maintain effective detection and alerting rules.
Proactively review audit logs and security telemetry across cloud, SaaS, and developer systems to identify anomalies and compliance issues.
Partner with the IT Manager to build automated onboarding/offboarding processes and access reviews aligned with least-privilege principles.
Work closely with platform, product, and engineering teams to design secure-by-default workflows, infrastructure, and deployment practices, ensuring consistent security controls across all products.
Conduct comprehensive risk assessments, tabletop exercises, and threat simulations in collaboration with engineering and operations teams, fostering a collaborative and integrated security readiness posture.
Lead and coordinate penetration testing efforts, including scoping, vendor engagement, and thorough remediation tracking.
Contribute to SOC 2 and related compliance efforts through control validation and meticulous evidence collection.
Respond to and complete customer and vendor security questionnaires, collaborating with compliance and engineering teams to provide accurate and timely information.
Requirements
5+ years of experience in security, IT, DevSecOps, or platform engineering roles.
Deep understanding of identity management, SSO, and federation (Google Workspace, Okta, Auth0, OIDC/SAML).
Proven experience managing and automating users, groups, org policies, and compliance controls on systems like AWS, GCP, GitHub Enterprise, and JFrog.
Hands-on experience implementing and improving software supply chain security, including integrating security into CI/CD pipelines (e.g., GitHub Actions).
Experience managing SIEM/DLP platforms (e.g., Datadog, Splunk) and crafting effective detection rules.
Strong automation skills (Python, Go) and proficiency with infrastructure-as-code (Terraform).
Familiarity with SOC 2 and established security frameworks (NIST, CIS, OWASP).
Excellent communication and documentation skills, with the ability to articulate complex security concepts clearly and concisely.
Nice to Have
Experience integrating audit logs and SaaS data sources into SIEM/DLP pipelines.
Solid knowledge of secure AWS architecture and best practices for identity, networking, and workload protection.
Background in threat detection engineering or security observability.
Contributions to open-source or community security projects.
Experience with AI-assisted security tools (Copilot, ChatGPT, Cursor).
Our Culture and Values
We take ownership and solve problems with meticulous attention to detail.
We believe our open-source contributors, users, customers, and team are all vital parts of our community. When our community wins, we all win.
We prioritize simplicity and think carefully before adding complexity.
Clear communication is paramount, helping our team stay aligned and collaborate effectively.
About NetBox Labs
NetBox Labs empowers companies to build and manage complex networks efficiently. We accelerate network automation by delivering open, composable products and actively supporting the network automation community.
We are the commercial stewards of open-source NetBox, the world’s leading network source of truth, and Orb, the next-generation open-source network observability platform. Our offerings include NetBox Enterprise, a fully supported self-managed NetBox with advanced features, and NetBox Cloud, a secure, scalable, and reliable SaaS edition of NetBox.
NetBox powers thousands of organizations, and NetBox Labs is backed by investments from Notable Capital (formerly GGV), Grafana Labs CEO Raj Dutt, Flybridge, IBM, Salesforce Ventures, and Mango Capital.