Amplitude is looking to scale secure software development practices across their engineering organization by hiring a Software Engineer who can proactively prevent vulnerabilities and help fix issues.
Requirements
- Comfortable writing production-quality code in at least one backend language (e.g. TypeScript, Python, Java)
- Understanding of API security principles and common web application vulnerabilities (e.g. OWASP Top 10)
- Familiarity with CI/CD pipelines and containerized environments such as Kubernetes
- Interest or experience with AI/ML tools for security automation
Responsibilities
- Contribute to building and maintaining secure-by-default development patterns, libraries, and templates (“golden paths”)
- Implement security checks in CI/CD workflows (e.g. GitHub Actions, Argo Workflows) and in runtime environments (e.g. Kubernetes admission controllers)
- Leverage AI/ML tools to automate code review, alert triage, log analysis, and threat detection for application-layer risks
- Write and tune rules to catch insecure code patterns and prevent critical vulnerabilities from reaching production
- Collaborate with developers to remediate security issues by offering clear guidance and, where needed, hands-on support
- Contribute to internal tooling and frameworks to make secure development frictionless and fast
- Participate in an on-call rotation for urgent security issues and incident response
Other
- 2 - 4 years of experience in software development or security engineering roles, ideally with a focus on secure application development
- A collaborative mindset and willingness to take ownership of problems
- A bias toward action; you’re willing to roll up your sleeves and fix issues directly
- Pursuant to the San Francisco Fair Chance Ordinance, we will consider for employment qualified applicants with arrest and conviction records.
