Loading...
Loading...

incident.io is seeking a Security Engineer to build its security function from the ground up. This role will embed within product teams to design and build secure systems, identify vulnerabilities, coach engineers on secure coding, and shape a security-conscious culture. You will leverage AI tools for security tasks and be responsible for securing AI features. The ideal candidate has a strong background in application security, modern web stacks, cloud security (GCP preferred), and excellent communication skills.
incident.io is the leading AI incident response platform, relied on by some of the best engineering teams in the world when things go wrong.
Since launching in 2021, we've helped over 2,000 companies, including OpenAI, Netflix, and Airbnb, run more than 1 million incidents.
The stakes are real, the talent is insane, and somehow it's a genuinely lovely place to work. We all pull our weight, go the extra mile, and put in the bit of magic most companies don't have time for, all while having fun and never taking ourselves too seriously.
We've raised $96 million from Index Ventures, Insight Partners, and Point Nine, and we're growing fast. There's never been a better time to join.
You'll build incident.io's security function from the ground up, creating a product secure enough to support some of the best engineering teams in the world when things are going wrong.
We're looking for our second Security Engineer, someone with a real passion for application security who thrives embedded within product teams rather than sitting apart from them. You'll work side by side with engineers to design and build secure systems from the start, not swoop in at the end with a checklist. You'll spot vulnerabilities before they reach production, coach engineers on secure coding, and help shape a culture where security is second nature rather than a bolt on.
You'll partner closely with product teams to review features with security built in from day one, and collaborate heavily with Infrastructure to help secure our infrastructure, CI/CD, and internal tooling. You'll use both white box techniques, code review, architecture analysis, and black box techniques, penetration testing, fuzzing, to find and mitigate vulnerabilities across our applications, APIs, and infrastructure.
We move fast and avoid process wherever we can, so a big part of the job is figuring out how to build a genuinely secure product without slowing our engineers down. That means introducing pragmatic tooling and automation that strengthens our defences quietly, rather than getting in the way.
We're heavy adopters of AI, and this role sits right in the middle of that. You'll use AI tools to speed up your own work, review, testing, threat modelling, and you'll also be responsible for securing the AI features and AI-driven workflows we're shipping into the product. This is a genuinely new function you get to shape from scratch, and your fingerprints will be on how incident.io does security for years to come.
We work hard and we think life outside work matters just as much. Our benefits pack is built to support both.