Software Engineer - Information Security

PlanetscalePlanetscale·Remote(San Francisco Bay Area or Remote)
Software Development
Excel

WFA Digital Insight

As demand for secure cloud solutions surges, companies like Planetscale are at the forefront of innovation. With a 25% increase in cloud security breaches in 2025, the need for skilled information security engineers has never been more pressing. Planetscale's commitment to redefining database management at scale makes this role particularly compelling for those passionate about building secure systems. Candidates should be prepared to demonstrate expertise in cloud security, threat modeling, and security automation, as well as the ability to collaborate effectively across teams.

Job Description

About the Role

The Software Engineer - Information Security role at Planetscale is a critical position focused on designing and implementing robust security controls for the company's cloud-native database platform. This role requires a deep understanding of security principles, threat modeling, and the ability to embed security into every layer of the infrastructure. The successful candidate will work closely with engineering teams to conduct security reviews, provide secure coding guidance, and ensure compliance with key security frameworks such as SOC 2 and PCI DSS.

As part of the Planetscale team, the Software Engineer - Information Security will play a pivotal role in maintaining the trust of customers by protecting their data. This involves not only reactive measures but also proactive approaches such as red teaming and testing to identify and patch vulnerabilities before they can be exploited. The role demands a strong proficiency in Go, experience with cloud security, and a solid grasp of database security principles.

What You Will Do

  • Design and implement security controls for Planetscale's cloud-native database platform to protect millions of queries per second.
  • Collaborate with engineering teams to conduct thorough security reviews and threat modeling across distributed systems.
  • Provide secure coding guidance and best practices to ensure the development of secure software.
  • Engage in proactive red teaming and testing to identify vulnerabilities and improve the platform's security posture.
  • Evaluate, procure, and implement proactive security tools and technologies.
  • Work closely with the compliance team to ensure adherence to SOC 2, PCI DSS, and other relevant security frameworks.
  • Develop security automation and tooling to scale security practices across the organization.
  • Respond to security incidents and conduct post-incident reviews to enhance security resilience.
  • Collaborate with cross-functional teams to embed security into the development lifecycle.

What We Are Looking For

  • 5+ years of software engineering experience with a focus on security engineering or application security.
  • Strong proficiency in Go, with experience in other languages like Python, Java, or C++.
  • Experience securing cloud-native applications and infrastructure (AWS, GCP, Azure).
  • Knowledge of database security, encryption, and access controls.
  • Experience with security frameworks and compliance requirements (SOC 2, PCI DSS).
  • Understanding of threat modeling, security architecture, and secure coding practices.
  • Ability to communicate complex security concepts clearly to engineering teams.
  • Self-motivation and the ability to work independently while making sound security and technical decisions.

Nice to Have

  • Experience with database internals, distributed systems security, or infrastructure security.
  • Background in security tool evaluation, implementation, and automation.
  • Experience with Kubernetes security, container security, and cloud security posture management.
  • Knowledge of security monitoring, incident response, and vulnerability management.
  • Relevant security certifications (CISSP, CISM, CEH, etc.).

Benefits and Perks

  • Competitive compensation package.
  • Opportunities for professional growth in a rapidly expanding company.
  • Collaborative and dynamic work environment.
  • Flexible working hours and remote work options.
  • Access to cutting-edge technologies and tools.
  • Comprehensive health insurance and wellness programs.
  • Generous paid time off and holidays.
  • Retirement savings plan and equity options.

How to Stand Out

  • Develop a strong foundation in cloud security: Familiarize yourself with cloud security best practices, including securing cloud-native applications and infrastructure on AWS, GCP, or Azure.
  • Build a portfolio of security projects: Showcase your skills in security engineering, threat modeling, and secure coding practices by including personal or professional projects that demonstrate your capabilities.
  • Stay updated on compliance requirements: Ensure you understand the latest in security frameworks and compliance, such as SOC 2 and PCI DSS, to stand out as a knowledgeable candidate.
  • Prepare for technical interviews: Be ready to discuss complex security concepts, your experience with security tools and technologies, and how you approach security in software development.
  • Highlight soft skills: In addition to technical skills, emphasize your ability to collaborate, communicate complex ideas simply, and work independently to make sound security decisions.
  • Research the company: Understand Planetscale's mission, values, and current projects to demonstrate your genuine interest in the role and company during the application and interview process.
  • Negotiate based on value: When discussing compensation, focus on the value you bring to the company, including your experience, skills, and achievements in the field of information security.

This is a remote position listed on WFA Digital, the platform for professionals who work from anywhere. Browse more remote jobs across all categories.