CodeRabbit · 1 day ago
Lead Security Engineer
CodeRabbit is an innovative research and development company focused on building extraordinarily productive human-machine collaboration systems. They are seeking a Lead Security Engineer to architect, harden, and defend their infrastructure, tooling, and ecosystem while infusing security into every layer of their product and infrastructure.
Artificial Intelligence (AI) · Developer Tools · Software
Responsibilities
Own the security roadmap — craft and execute a strategic security engineering plan that aligns with CodeRabbit’s fast-paced engineering cadence
Boost resilience — champion defense-in-depth tactics: threat modeling, secure design reviews, hardening, CI/CD integration
Be Incident Commander — spearhead security incident response and recovery: triage, resolve, root cause, and turn those learnings into stronger systems
Tools & automation — build or integrate security tooling (SAST, DAST, SIEM, EDR, monitoring) into the developer workflow without slowing delivery
Embed security fluently — partner with engineering and product teams to bring secure practices early into planning and daily workflows
Talent & culture — help to hire, coach, and mentor a scrappy, resilient security engineering team; elevate security awareness across the company
Compliance & policy — establish security standards, frameworks, or processes that evolve as we scale—but remain lean and developer-friendly
Qualification
Required
8+ years in security engineering, incident response, or related fields—bonus if you've led through a major production breach or targeted attack
Extensive experience with security across software and infrastructure—threat modeling, pen testing, secure CI/CD pipelines, cloud security, incident response
Ability to translate risk into actionables, communicate trade‑offs with engineering/product leadership
You've taken production systems down (intentionally or unintentionally) and built them back stronger
Experience in pressure situations—with clarity, direction, and calm
You can speak fluent dev-tools, empathize with fast-moving teams, and secure them without slowing them down
Preferred
You've implemented DevSecOps tooling and orchestrated shift‑left security in developer pipelines
You've recovered from (or prevented) a critical security event, and turned that into an engineering culture improvement
Experience in a dev‑tools, SDK, or platform-heavy company
Hacker mindset + operational discipline - pentests, disaster recovery, threat hunting, tooling, cloud environments
Certifications like CISSP, CISM, CEH, or relevant cloud security certs
Benefits
Compensation That Reflects Responsibility: We deliver a competitive package—salary, equity, and benefits—to match the importance and intensity of this role.
Ongoing leadership development, mentorship opportunities, and real ownership as you eventually scale your team and operations.
Company
CodeRabbit
CodeRabbit offers software tools that perform automated code reviews using artificial intelligence.
H1B Sponsorship
CodeRabbit has a track record of offering H1B sponsorships. Please note that this does not guarantee sponsorship for this specific role. Additional information is presented below for your reference. (Data Powered by US Department of Labor)
Distribution of Different Job Fields Receiving Sponsorship
Trends of Total Sponsorships
2025 (4)
2024 (1)
Funding
Current Stage: Growth Stage
Total Funding: $87.61M
Key Investors: Scale Venture Partners, Harmony Partners, CRV
2025-09-16 · Series B · $60M
2025-06-16 · Undisclosed
2025-01-22 · Convertible Note · $8M
Company data provided by Crunchbase