Security Operations Engineer

SupabaseSupabase·Remote
Software Development

WFA Digital Insight

The demand for skilled security professionals has surged in recent years, with a 25% growth in job postings for security operations engineers in 2025 alone. As companies like Supabase continue to scale, their need for robust security measures has become paramount. With its open-source Postgres development platform, Supabase is at the forefront of innovation, and this role offers a unique opportunity to be part of a team that's shaping the future of digital security. Candidates should be prepared to demonstrate their expertise in security concepts, IT systems, and problem-solving skills.

Job Description

About the Role

The Security Operations Engineer role at Supabase is a critical component of the company's Product Security team. As a Security Operations Engineer, you will be responsible for providing front-line coverage for security alerts, customer security tickets, and internal IT requests. Your primary goal will be to ensure the timely and effective resolution of security-related issues, collaborating closely with the development team to identify and mitigate potential threats.

In this role, you will work in a follow-the-sun rotation with two other Security Operations Engineers, providing 24-hour coverage for security-relevant work. You will be expected to triage alerts, assess severity, and escalate issues to the right lead across Platform, Product, Anti-Abuse, or Security teams. Your strong judgment, curiosity, and clear communication skills will be essential in handling sensitive access or account issues and communicating with customers, engineers, and internal stakeholders.

What You Will Do

  • Be the first responder for security alerts from GuardDuty, dependency advisories, and other detection sources.
  • Triage alerts, assess severity, and escalate to the right lead across Platform, Product, Anti-Abuse, or Security.
  • Own customer security tickets in Front, including account recovery, MFA reset, GitHub-linked account loss, billing-based ownership verification, and org ownership disputes.
  • Use documented playbooks to make consistent decisions while identifying gaps or edge cases that need improvement.
  • Participate in the on-call pager rotation alongside other Security Operations Engineers.
  • Maintain and improve runbooks, decision trees, Front macros, and escalation paths.
  • Identify patterns in tickets and alerts, then flag opportunities for automation or workflow improvements.
  • Triage internal IT requests, including access provisioning, SSO and Okta issues, device questions, and MDM enrollment problems.
  • Help maintain access records, joiner-mover-leaver hygiene, and the audit trails needed for compliance.
  • Communicate clearly with customers, engineers, and internal stakeholders during sensitive or time-critical issues.

What We Are Looking For

  • Prior experience in technical support, IT helpdesk, junior SOC analysis, trust and safety, fraud operations, or a similar triage-heavy environment.
  • Foundational understanding of security concepts like MFA, JWTs, identity verification, account recovery, and access control.
  • Foundational understanding of IT systems like SSO, identity providers, Google Workspace, Okta, and MDM tools like Kandji, Jamf, or similar.
  • Comfortable with a terminal, basic SQL, and reading simple scripts or macros.
  • Ability to summarize a messy ticket or noisy alert in two sentences that explain what matters and what should happen next.
  • Strong customer-facing judgment and ability to stay calm, precise, and firm when handling sensitive access or account issues.
  • Enjoy turning ambiguous workflows into clear checklists, runbooks, macros, and repeatable systems.
  • Comfortable working async across time zones and writing things down by default.

Nice to Have

  • Familiarity with Postgres, AWS, or developer tools ecosystems.
  • Experience with Front, Linear, Notion, Okta, Google Workspace, Kandji, Jamf, Vanta, or similar tools.
  • Open-source contributions, CTF participation, bug bounty experience.

Benefits and Perks

  • Opportunity to work with a leading open-source Postgres development platform.
  • Collaborative and dynamic work environment with a global team.
  • Professional development opportunities to enhance your security and IT skills.
  • Flexible remote work arrangements with a stipend for home office setup.
  • Access to cutting-edge technologies and tools.
  • Comprehensive health insurance and wellness programs.

How to Stand Out

  • Develop a strong foundation in security concepts, including MFA, JWTs, and access control, to increase your chances of success in this role.
  • Familiarize yourself with IT systems like SSO, identity providers, and MDM tools to improve your troubleshooting skills.
  • Practice summarizing complex technical issues into clear, concise sentences to enhance your communication skills.
  • Build a personal project or contribute to open-source projects to demonstrate your problem-solving skills and attention to detail.
  • Prepare to discuss your experience with security alerts, customer requests, and internal IT operations during the interview process.
  • Research Supabase's technology stack and be ready to ask informed questions about the company's security measures and protocols.
  • Be prepared to provide examples of how you've handled sensitive access or account issues in previous roles.

This is a remote position listed on WFA Digital, the platform for professionals who work from anywhere. Browse more remote jobs across all categories.