Security Lead
LocalStackGermany6 hours ago
Full-timeRemote FriendlyOther
Track This Job
Add this job to your tracking list to:
- Monitor application status and updates
- Change status (Applied, Interview, Offer, etc.)
- Add personal notes and comments
- Set reminders for follow-ups
- Track your entire application journey
Save This Job
Add this job to your saved collection to:
- Access easily from your saved jobs dashboard
- Review job details later without searching again
- Compare with other saved opportunities
- Keep a collection of interesting positions
- Receive notifications about saved jobs before they expire
AI-Powered Job Summary
Get a concise overview of key job requirements, responsibilities, and qualifications in seconds.
Pro Tip: Use this feature to quickly decide if a job matches your skills before reading the full description.
We are a fast-growing Series A startup building cutting-edge technology to revolutionize cloud development processes and support highly efficient dev&test feedback loops. We've closed our last $25mil round in Q4 2024, led by Notable Capital, CRV and Heavybit.
At its core, LocalStack provides a high-fidelity emulator and local cloud development platform. Imagine developing cloud applications and data pipelines entirely on your local machine within a lightweight cloud sandbox, running in Docker!
Our mission is to empower developers to rapidly build and test their cloud applications, allowing for a more enjoyable dev experience, and saving valuable time and resources.
LocalStack has a large and active open-source community (57k+ stars on GitHub) with over 100k active users worldwide and 290M+ downloads to date. Our customer base ranges from SMBs to Global Fortune 500 companies.
We are sustainably growing our globally distributed team across sectors
LocalStack is headquartered in Zurich/Switzerland 🇨🇭, with a main engineering office in Vienna/Austria 🇦🇹 and remote team members from 🇺🇸the US, 🇫🇷FR, 🇬🇧UK, 🇨🇦CA, 🇪🇸ES, and many more countries.
👉Check our Notion Candidate Handbook and our GitHub!
This is the right opportunity for a person with 7+ years in a security engineering or security compliance role, experience leading vendor risk assessments and building compliance frameworks from the ground up, a strong background in API design and build, as well as a strong background in DevSecOps, incident response, and pragmatic, risk-driven security leadership.
Requirements
✅ What you will be working on/responsible for
care: we create with compassion. We prioritize empathy and understanding in every interaction. By genuinely caring for our team, customers, and community, we create an environment where people thrive and impactful work flourishes
ownership: we own the outcome. We take responsibility for our work and are passionate about its impact. We foster autonomy, inspire ambition, encourage ownership, and empower everyone to unlock their potential and make an impact.
openness: we build trust together. We build trust through open communication and honest feedback. By sharing ideas and embracing diverse perspectives, we create stronger, more connected teams that work toward shared goals.
courage: we dare to innovate. We embrace bold challenges and take calculated risks to move the needle. We step outside our comfort zones, experiment fearlessly, and turn setbacks into springboards for growth.
excellence: we chase the extraordinary. We chase excellence by pushing boundaries and delivering results that go beyond the ordinary, constantly raising the bar and striving for greatness in everything we do. Excellence is not just the outcome, itʼs how we approach every task with purpose, passion, and a commitment to delivering exceptional value.
Benefits
🎁 Benefits
To apply, follow the LI application process or apply on our career page. Make sure to include a short motivation outlining why you are the perfect candidate for this role.
If your profile looks like a good match we will be in touch to organize further steps within 2 weeks.
Please note, that due to a high volume of candidates, we cannot offer personalized feedback to each candidate.
At its core, LocalStack provides a high-fidelity emulator and local cloud development platform. Imagine developing cloud applications and data pipelines entirely on your local machine within a lightweight cloud sandbox, running in Docker!
Our mission is to empower developers to rapidly build and test their cloud applications, allowing for a more enjoyable dev experience, and saving valuable time and resources.
LocalStack has a large and active open-source community (57k+ stars on GitHub) with over 100k active users worldwide and 290M+ downloads to date. Our customer base ranges from SMBs to Global Fortune 500 companies.
We are sustainably growing our globally distributed team across sectors
LocalStack is headquartered in Zurich/Switzerland 🇨🇭, with a main engineering office in Vienna/Austria 🇦🇹 and remote team members from 🇺🇸the US, 🇫🇷FR, 🇬🇧UK, 🇨🇦CA, 🇪🇸ES, and many more countries.
👉Check our Notion Candidate Handbook and our GitHub!
This is the right opportunity for a person with 7+ years in a security engineering or security compliance role, experience leading vendor risk assessments and building compliance frameworks from the ground up, a strong background in API design and build, as well as a strong background in DevSecOps, incident response, and pragmatic, risk-driven security leadership.
Requirements
✅ What you will be working on/responsible for
- Ensure robust security posture of our product, across the various components (in particular, the LocalStack emulators, the LocalStack Cloud platform, as well as our data warehouse)
- Lead initiatives for incident monitoring, intrusion detection, and vulnerability management
- Define and implement regular security auditing procedures across systems and access controls
- Deliver a sustainable, scalable process for vendor risk assessments and other security-related initiatives (e.g., via tooling, delegation, or automation) including completing and submitting vendor risk assessments to support our sales process
- Ensure secure configurations and permission models, while collaborating with the engineering teams
- Identify gaps between claimed and actual compliance and propose/lead corrective actions
- Own documentation of security controls, configurations, and policies
- Engage with internal stakeholders to evaluate different security threats and attack vectors
- Generate and distribute internal audit and compliance reports in regular intervals
- Expert knowledge of threat modelling, vulnerability management, and tools like intrusion detection, network security, or Linux/Unix OS hardening
- Practical experience with cloud security (AWS preferred)
- Good knowledge of common standards (e.g., SOC 2, ISO 27001, GDPR), even if not formally certified
- Strong documentation skills and ability to make complex topics accessible to non-experts
- Good understanding of US and EU security and compliance expectations
- Prior engineering experience strongly preferred (even if no longer coding daily)
- Proactive, pragmatic, and capable of risk-based decision-making
care: we create with compassion. We prioritize empathy and understanding in every interaction. By genuinely caring for our team, customers, and community, we create an environment where people thrive and impactful work flourishes
ownership: we own the outcome. We take responsibility for our work and are passionate about its impact. We foster autonomy, inspire ambition, encourage ownership, and empower everyone to unlock their potential and make an impact.
openness: we build trust together. We build trust through open communication and honest feedback. By sharing ideas and embracing diverse perspectives, we create stronger, more connected teams that work toward shared goals.
courage: we dare to innovate. We embrace bold challenges and take calculated risks to move the needle. We step outside our comfort zones, experiment fearlessly, and turn setbacks into springboards for growth.
excellence: we chase the extraordinary. We chase excellence by pushing boundaries and delivering results that go beyond the ordinary, constantly raising the bar and striving for greatness in everything we do. Excellence is not just the outcome, itʼs how we approach every task with purpose, passion, and a commitment to delivering exceptional value.
Benefits
🎁 Benefits
- Fully remote
- Competitive salary
- Annual company retreat
- 2 extra company-wide holidays
- Friendly and inclusive workplace culture (community guilds and online company events)
To apply, follow the LI application process or apply on our career page. Make sure to include a short motivation outlining why you are the perfect candidate for this role.
If your profile looks like a good match we will be in touch to organize further steps within 2 weeks.
Please note, that due to a high volume of candidates, we cannot offer personalized feedback to each candidate.
Key Skills
Ranked by relevanceReady to apply?
Join LocalStack and take your career to the next level!
Application takes less than 5 minutes