Security Engineer, Platform

ResendResend·Remote(Americas / Remote / Full-time)
Software Development

WFA Digital Insight

As remote work gains pace, demand for skilled security professionals like Security Engineers has skyrocketed, with a reported 25% increase in job openings in the last year alone. With the rise of digital platforms, companies are looking for experts who can safeguard their infrastructure and data. Resend, a fast-growing company, is no exception. What sets this role apart is the opportunity to work on a platform used by over 2 million developers, focusing on building and improving security foundations. Before applying, candidates should be aware of the importance of staying updated on the latest security trends and technologies, as well as demonstrating a passion for developer experience and security.

Job Description

About the Role

The Security Engineer, Platform role at Resend is a critical position that focuses on building and improving the security foundations of the company's platform. This role is part of the Platform Squad, which is responsible for the internal platform and reliability foundations that enable Resend teams to build, deploy, observe, and operate services safely. As a Security Engineer, you will be working closely with various teams to ensure the security and integrity of Resend's platform.

The day-to-day responsibilities of this role will include designing and implementing secure defaults for new services, reviewing and updating processes to ensure security is built-in, and improving detection and response for suspicious activities. This role requires a deep understanding of security principles, authentication, authorization, and secrets management. You will also be expected to stay up-to-date with the latest security trends and technologies, and to continuously raise the security bar for the company.

Resend is committed to creating a culture of security and transparency, and this role will play a key part in achieving that goal. As a remote team, Resend values autonomy, flexibility, and open communication. This role offers the opportunity to work with a modern tech stack, including Next.js, Raycast, and Notion, and to be part of a team that is passionate about quality, craft, and the developer experience.

What You Will Do

  • Build and improve the security foundations of Resend's platform, including API keys, service permissions, secrets management, tenant isolation, audit logs, and internal access controls
  • Help design secure defaults for new services, workers, queues, databases, internal tools, and deployment pipelines
  • Improve detection and response for suspicious access, leaked credentials, abnormal sending behavior, privilege changes, and sensitive system events
  • Review and update processes and pipelines to ensure security is built-in, not bolted on
  • Collaborate with various teams to ensure the security and integrity of Resend's platform
  • Stay up-to-date with the latest security trends and technologies, and continuously raise the security bar for the company
  • Participate in incident response and post-incident reviews to identify areas for improvement
  • Develop and maintain security documentation and training for the company
  • Collaborate with the engineering team to ensure security is integrated into the development process

What We Are Looking For

  • Experience securing production infrastructure, cloud environments, APIs, developer platforms, or multi-tenant SaaS products
  • Strong understanding of authentication, authorization, secrets, IAM, logging, audit trails, incident response, and secure deployment pipelines
  • Ability to write code and read application, infrastructure, and deployment code
  • Experience with practical security improvements and a preference for low-ego, direct, and curious approach
  • Strong communication and collaboration skills, with the ability to work independently and as part of a team
  • Experience with cloud infrastructure, including AWS, Terraform, Kubernetes, and Cloudflare
  • Familiarity with open source security, GitHub organization hardening, package publishing, dependency review, and supply-chain security
  • Knowledge of security frameworks and compliance standards, including SOC 2, ISO 27001, and GDPR

Nice to Have

  • Experience with email infrastructure, transactional email, sender reputation, domain verification, SPF, DKIM, DMARC, webhooks, or abuse prevention
  • Experience with security observability, alerting, detection pipelines, or incident response workflows
  • Experience working closely with Trust & Safety, anti-abuse, fraud, or platform integrity teams
  • Experience designing security systems for high-scale developer products
  • Familiarity with modern tech stacks, including Next.js, Raycast, and Notion

Benefits and Perks

  • Competitive compensation package, commensurate with experience
  • Opportunity to work with a modern tech stack and a team that values quality, craft, and the developer experience
  • Flexible working schedule and remote work arrangement
  • Access to professional development and training opportunities
  • Health and wellness benefits, including mental health support
  • Generous PTO and holiday policy
  • Opportunity to work with a fully remote team that values autonomy, flexibility, and open communication
  • Chance to be part of a company that is building the modern email sending platform for developers

How to Stand Out

  • Make sure to highlight your experience with security foundations, including API keys, service permissions, and secrets management.
  • Showcase your ability to design secure defaults for new services and review processes to ensure security is built-in.
  • Be prepared to discuss your experience with incident response and post-incident reviews, and how you stay up-to-date with the latest security trends and technologies.
  • Emphasize your strong communication and collaboration skills, and your ability to work independently and as part of a team.
  • Consider including examples of your experience with cloud infrastructure, open source security, and security frameworks and compliance standards in your application.
  • Be honest about your experience and skills, and be prepared to provide specific examples of your work.
  • Research the company culture and values, and be prepared to discuss how you align with them.

This is a remote position listed on WFA Digital, the platform for professionals who work from anywhere. Browse more remote jobs across all categories.