xelys jobs xelys jobs

Security Engineer [IC3]

Sourcegraph

hybridmidpermanentsecurity United States 6 days ago via LinkedIn

See how well this job matches your profile

Sign up to get an AI match score and generate a tailored application in seconds.

Get your match score

Tags

Security OperationsSIEMOn-callIncident ResponseThreat ModelingApplication SecurityElastic StackGCPGoSOC 2

About the role

Role Overview

Sourcegraph is hiring a Security Engineer (IC3) to join its security team and help embed world-class security across the product and infrastructure. The role is primarily focused on Security Operations, while also contributing across other security program areas such as incident response, application security, and compliance.

Responsibilities

  • Build and improve security operations processes and systems
  • Maintain and enhance the monitoring and alerting stack
  • Participate in on-call rotations and respond to security incidents
  • Perform application security testing and security reviews (application and infrastructure)
  • Proactively improve security across the codebase, product, cloud, and customer on-prem deployments
  • Discover, fix, and mitigate infrastructure vulnerabilities (libraries, base images, container analysis)
  • Maintain internal automation to assist with alert triage
  • Coordinate with other teams to triage, troubleshoot, and mitigate security-related customer concerns
  • Improve application security via audits, best practices, code fixes, and education
  • Perform reactive incident response and proactive research for new attack vectors
  • Conduct threat modeling for existing and future applications
  • Assess and integrate new security tools to improve operational efficiency
  • Help maintain compliance with SOC 2, ISO 27001, and GDPR

Within ~1 / 3 / 6 Months

  • 1 month: onboarding to alerting/monitoring stack; join on-call
  • 3 months: maintain internal alert-triage automations; work cross-team on customer security concerns; enhance application security
  • 6 months: proactive threat research; threat modeling; evaluate/integrate new tools; contribute to compliance maintenance

Requirements

  • Practical experience reviewing SIEM alerts and participating in on-call
  • Experience as a security generalist securing SaaS applications (including infrastructure security, application security, and/or compliance)
  • Experience with Go, including maintaining internal tooling and code reviews
  • Experience with Elastic stack and GCP
  • Experience using and automating defensive security tools
  • Ability to work across engineering teams to secure projects organization-wide
  • High agency

Nice-to-haves / Implied

  • Familiarity with defensive security operations, threat modeling, and SOC 2 / ISO 27001 / GDPR activities

About Sourcegraph

Sourcegraph builds a code intelligence platform used by developers and agents to navigate, understand, and operate on large codebases. Its offerings include Code Search, Deep Search, and MCP, supporting software teams at companies such as Stripe, Uber, and Dropbox. The company operates as a globally distributed team focused on developer productivity and high-agency collaboration.

View original listing Generate application

Scraped 6/14/2026

xelys jobs xelys jobs

Built for remote job seekers. Powered by AI.