×
Register Here to Apply for Jobs or Post Jobs. X
More jobs:

Senior Security Engineer

Remote / Online - Candidates ideally in
San Francisco, San Francisco County, California, 94199, USA
Listing for: ngrok
Remote/Work from Home position
Listed on 2026-07-18
Job specializations:
  • IT/Tech
    Cybersecurity
Salary/Wage Range or Industry Benchmark: 215280 - 286000 USD Yearly USD 215280.00 286000.00 YEAR
Job Description & How to Apply Below

About ngrok Inc.

ngrok is an all-in-one cloud networking platform that secures, transforms, and routes traffic to services running anywhere. Instead of cobbling together nginx, NLBs, VPNs, model routers, and oodles of other tools, developers solve every networking problem with one gateway. Doesn’t matter if they’re sharing localhost or running AI workloads in production.

We’re trusted by more than 9 million developers at companies like Git Hub, Okta, Hashi Corp, and Twilio. What started as a way to put your local app on a public URL has grown into a universal gateway for API delivery, AI inference, device fleets, and site-to-site connectivity. It’s the same ngrok that millions of developers have loved and leaned on every day for years, now with the power to run production traffic at scale.

About

the Security Team

Security at ngrok is being built from the ground up, and this role is the foundation. ngrok sits at a uniquely sensitive position in the internet stack: traffic flows through us, and the developers and companies who rely on us trust us with that. As our first dedicated Security Engineer, you won’t be inheriting a sprawling program or a backlog of someone else’s decisions.

You’ll be defining how security works here — partnering closely with engineering, infrastructure, and leadership to build automated guardrails, opinionated defaults, and self-service tooling that scale with the team rather than slow it down. The threat landscape is shifting fast, and we want a security posture we’re proud to stand behind.

What You’ll Actually Do
  • Audit the current state of security tooling, pipeline coverage, cloud posture, and detection capabilities, and turn that into a prioritized security roadmap tied to ngrok’s business objectives
  • Ship developer-facing security tooling: automated checks in CI/CD, secrets scanning, dependency vulnerability tracking, and secure-by-default libraries that make the right choice the easy choice
  • Run a structured risk assessment across product and infrastructure to document what we know, what we don’t, and what needs to change
  • Establish guardrails for how we use AI in our engineering pipeline — policies and tooling that let us move fast without introducing new risk classes
  • Stand up baseline detection and response: log coverage, alerting, and a documented incident response process
  • Own the security engineering program end-to-end over time — clear ownership, documented controls, meaningful metrics, and an internal security platform (reusable libraries, self-service tooling, automation) that reduces the security burden on every engineer
You Might Be a Great Fit If:
  • You’ve worked in a security engineering role where you shipped tooling, built automation, or owned security infrastructure — not just reviewed it
  • You have strong engineering fundamentals and are comfortable writing quality code in Go or Java, Rust, C, C++
  • You know how to integrate security checks into CI/CD pipelines without slowing teams down
  • You have hands‑on experience with cloud security, particularly AWS (IAM, VPC, Cloud Trail, Guard Duty)
  • You understand AI/ML security risks like prompt injection, insecure code generation, and LLM‑assisted attack vectors
  • Bonus Points:
    • You’ve built internal security platforms or developer‑facing security tooling
    • You’ve done detection engineering — writing detection rules, tuning signals, reducing alert fatigue
    • You’ve secured networking or developer infrastructure products
Tech Stack

ngrok runs entirely on AWS. Engineers develop by using remote development tools and/or ssh to connect to remote EC2 environments that run a full Kubernetes cluster of the ngrok stack, closely mirroring production. The codebase is primarily Go and Type Script. We use Postgres for persistence, Kafka for streaming, Protobuf for service boundaries, and Kubernetes, Terraform, Helm, and Buildkite to operate and ship reliably.

React is used for user interfaces, and Git Hub supports our development workflows and remembers everything.

Location

This is a remote position for candidates outside of the Bay Area and a hybrid role for candidates within commuting distance to San Francisco. Our Bay Area employees commute to the office…

Position Requirements
10+ Years work experience
To View & Apply for jobs on this site that accept applications from your location or country, tap the button below to make a Search.
(If this job is in fact in your jurisdiction, then you may be using a Proxy or VPN to access this site, and to progress further, you should change your connectivity to another mobile device or PC).
 
 
 
Search for further Jobs Here:
(Try combinations for better Results! Or enter less keywords for broader Results)
Location
Increase/decrease your Search Radius (miles)
0
200
Filters
Education Level
Experience Level (years)
Posted in last:
Salary