Staff Security Engineer
About Buildkite
At Buildkite, our mission is to unblock every developer on the planet. We’ve rethought how software delivery should work and have built a platform that is fast, reliable, secure, and able to scale to the needs of the most demanding high-growth tech companies globally including Airbnb, Shopify, Canva, PagerDuty, Lyft, and Pinterest.
Job Overview
We’re looking for a Staff Security Engineer to help shape and scale security across Buildkite’s platform, infrastructure, and developer workflows.
This is a hands-on technical leadership role. You’ll drive security architecture, influence engineering standards, and help embed secure-by-default thinking into how we build and ship software. You’ll operate across Application Security, Adversarial Security, and Cloud & Platform Security - setting technical direction while remaining close to implementation.
Staff Engineers at Buildkite are force multipliers. In this role, you’ll raise the security bar across the organisation, partner deeply with Engineering and Product leaders, and design security systems that scale with our growth.
🔧 About the Security Team
The Security team at Buildkite designs secure-by-default infrastructure, developer workflows, and data protection systems. We work closely with Engineering, Platform, and Product to reduce risk without slowing delivery.
As a small, high-impact team in a fast-growing company, we focus on:
Embedding security into the SDLC and CI/CD workflows
Proactively identifying and validating risks through adversarial testing
Designing cloud and infrastructure controls that scale
Building guardrails and automation that make the secure path the easiest path
Ensuring that AI is a key part of our evolution
This role will help define the next stage of maturity for security at Buildkite.
🚀 What You’ll Do
Build and Improve Security Across the Platform
Lead threat modeling and architectural security reviews for all parts of the organisation
Conduct Adversary Simulations and Penetrations Tests against key parts of the Application and business (attack simulation, exploit validation, abuse-case testing)
Drive the technical strategy for Application Security, adversarial testing, and cloud security
Design scalable security guardrails across CI/CD, infrastructure-as-code, and developer tooling
Improve vulnerability discovery, triage, remediation workflows, and ownership models
Strengthen supply chain and dependency security across build systems and artifacts
Design security controls that are embedded into product and infrastructure
Lead and Unblock at the Org Level
Act as a trusted security partner to engineering leaders and senior ICs
Drive alignment on security trade-offs across product velocity, reliability, and risk
Lead high-impact security initiatives end-to-end (discovery → prioritisation → implementation → rollout)
Shape incident readiness, detection improvements, and post-incident hardening
Mentor engineers to elevate secure design and implementation practices
Contribute to cross-team technical direction beyond immediate security scope when needed
Raise the Bar Through Systems Thinking
Identify structural risks and design long-term solutions rather than point fixes
Introduce automation, tooling, and policy-as-code to reduce recurring classes of issues
Improve how we measure security posture and communicate risk at leadership levels
Ensure security scales with Buildkite’s infrastructure, customer growth, and product expansion
🎨 Skills & Experience We Value
Deep Security Expertise
7+ years of experience in security engineering, with strong depth in application security and adversarial testing
Extensive knowledge of common web and API vulnerabilities (OWASP Top 10 and beyond) and practical remediation patterns
Experience designing and reviewing secure architectures for distributed systems
Hands-on adversarial security experience (offensive testing, exploit validation, abuse-case modeling, red teaming)
Strong understanding of cloud security fundamentals, ideally in AWS environment
Platform & Infrastructure Experience
Experience securing CI/CD pipelines and modern developer platforms
Familiarity with Terraform or other infrastructure-as-code systems
Experience working with Kubernetes security patterns and workload controls
Strong understanding of identity, secrets management, and access control systems
Comfortable reading and writing production code (Ruby, Go, or similar)
✨ Why Join Buildkite
At Buildkite, we value kindness, autonomy, and collaboration. You’ll be joining a remote-first company where your work directly helps some of the world’s best engineering teams build and ship software faster and more safely.
Competitive compensation, including salary, equity, and benefits package
Flexible, remote-first culture
Meaningful technical challenges at scale
Opportunities for professional growth and company-wide technical influence
A collaborative, inclusive, and innovative culture where your ideas make a real impact
🌈 Equal Opportunity Employer
At Buildkite, we value diversity and celebrate all types of skills, backgrounds, and experiences. We’re dedicated to fostering an inclusive environment and providing reasonable accommodations throughout our recruitment process.
If you need any accommodations or support during the application or interview process, please reach out to us at accommodations@buildkite.com.