Senior Security Engineer

Senior Security Engineer ABOUT MACROSCOPE Macroscope aims to be the source of truth of what's happening for any company that builds software. Our mission is to give leaders clarity and engineers time. We help leaders understand how their products and codebases are evolving—what’s changing, who’s working on what, and where progress is happening—grounded in the ultimate source of truth: the code. Macroscope is founded by former entrepreneurs who have started and sold multiple companies, and operated as product/engineering executives at public tech companies. We're fortunate to be supported by the best VC firms and angels in the business, including Lightspeed Venture Partners, Thrive Capital, Google Ventures, and Adverb. ABOUT THE ROLE We’re looking for a Senior Security Engineer to help shape and scale the security foundation of Macroscope’s platform. You’ll play a key role in designing and implementing security architecture, controls, and secure-by-default practices across the distributed systems, infrastructure, and APIs that power our core product. You’ll lead projects focused on protecting customer data, hardening our production environment, and raising the security bar across everything we ship—ensuring our systems can evolve alongside customer demand while maintaining enterprise-grade security. You’ll also partner closely with the rest of the engineering team to establish best practices in identity and access management, cloud security, secure CI/CD, secrets management, vulnerability management, and production monitoring. As part of our small team, you’ll work directly with the founders, engineers, and designer to make architectural decisions that will define the trajectory of our product and company. This is a hands-on role for someone who’s excited to build. You are driven by shipping secure systems and helping the team move fast without compromising on safety. Our technology stack: Typescript/React (front-end), Golang (backend), Temporal, Google Cloud (GCP), Postgres, Terraform, custom-built AST “code walkers” in various languages (Golang, Typescript, Swift, Python, Rust) QUALIFICATIONS - Deep experience securing distributed backend systems at scale, including threat modeling and designing pragmatic defenses for real-world production environments. - Proven track record of building and scaling products, not just writing policies—able to embed security into architecture, code, and developer workflows. - Strong expertise in secure system design for resilient, performant, maintainable services and APIs (authn/authz, data protection, service-to-service security, secure defaults). - Strong proficiency with cloud environments, ideally Google Cloud Platform (GCP), including networking, IAM, org policies, monitoring, and infrastructure-as-code (Terraform or equivalent). - Experience leading security or engineering projects and driving architectural decisions in high-growth teams, with an emphasis on being a team player who elevates others. - Hands-on experience with secrets management, key management/cryptography basics, and secure data handling (encryption in transit/at rest, least privilege, secure storage patterns). - Strong experience with Go (our primary backend language) is highly preferred. - You use various AI-tools to accelerate you as an engineer, and you’re curious about staying up to date with the latest and greatest. - Bonus: experience securing AI/ML systems (LLMs, RAG), including protecting private data, preventing prompt/data leakage, and designing guardrails against common attack patterns. - Bonus: exposure to Temporal as a worker management system. ABOUT YOU - You are extremely high agency. We are a small startup and we intend to keep an extremely flat organizational structure for as long as possible. Instead of relying on people managers, product managers and heavy processes, we rely on exceptionally talented individuals with high agency to be self-motivated towards contributing to our mi ... (truncated, view full listing at source)