Software Engineer - Information Security

<p>PlanetScale is growing rapidly and reinventing the database space. The PlanetScale platform offers both PostgreSQL and Vitess clusters and will soon offer sharded PostgreSQL clusters with Neki.</p> <p>Our customers entrust us with what is often their most precious digital asset, their data, so the stakes couldn't be higher. We're looking for a Software Engineer: Information Security to join our team and help us build security into every layer of our infrastructure while maintaining our exceptional developer experience.</p> <h3 id="whats-the-job-to-be-done">What's the job to be done?</h3> <ul> <li>You will design and implement security controls for PlanetScale's cloud-native database platform, protecting millions of queries per second for some of the world's largest applications.</li> <li>You will collaborate with engineering teams to conduct security reviews, threat modeling, and provide secure coding guidance across our distributed systems.</li> <li>A special focus for this role is on proactive red teaming and testing - you will consistently try to break into the PlanetScale platform as an attacker would, and help patch what you find</li> <li>You will evaluate, procure, and implement proactive security tools and technologies to strengthen our security posture.</li> <li>You will work closely with our compliance team to ensure adherence to SOC 2, PCI DSS, and other security frameworks.</li> <li>You will build security automation and tooling to scale security practices across the engineering organization.</li> <li>You will respond to security incidents and conduct post-incident reviews to improve our security resilience.</li> </ul> <h3 id="these-attributes-best-describe-you">These attributes best describe you…</h3> <ul> <li>You are passionate about building secure, scalable systems and understand that security is everyone's responsibility.</li> <li>You have strong experience with cloud security, application security, and securing distributed database systems.</li> <li>You can communicate complex security concepts clearly to engineering teams and translate business requirements into technical security solutions.</li> <li>You thrive in a collaborative environment and enjoy working across teams to embed security into the development lifecycle.</li> <li>You have excellent problem-solving skills and can balance security requirements with developer productivity.</li> <li>You are self-motivated and can work independently while making sound security and technical decisions.</li> </ul> <h3 id="what-you-will-need">What you will need</h3> <ul> <li>5+ years of software engineering experience with a focus on security engineering or application security</li> <li>Strong proficiency in Go, with experience in other languages like Python, Java, or C++</li> <li>Experience securing cloud-native applications and infrastructure (AWS, GCP, Azure)</li> <li>Knowledge of database security, encryption, and access controls</li> <li>Experience with security frameworks and compliance requirements (SOC 2, PCI DSS)</li> <li>Understanding of threat modeling, security architecture, and secure coding practices</li> </ul> <h3 id="what-else-will-help-you-be-successful">What else will help you be successful</h3> <ul> <li>Experience with database internals, distributed systems security, or infrastructure security</li> <li>Background in security tool evaluation, implementation, and automation</li> <li>Experience with Kubernetes security, container security, and cloud security posture management</li> <li>Knowledge of security monitoring, incident response, and vulnerability management</li> <li>Previous experience at a high-growth technology company or in a security engineering role</li> <li>Relevant security certifications (CISSP, CISM, CEH, etc.)</li> </ul> <h3 id="why-planetscale">Why PlanetScale</h3> <p>We're redefining how high-growth companies manage data at scale—and we work with some of the most exciting brands in gaming, consumer tech, and B2B SaaS. As a Software Engineer: Information Security, you'll be at the core of protecting the platform that powers world-class apps used by hundreds of millions of users worldwide. You'll help ensure that as we scale, security remains fundamental to our architecture rather than an afterthought. PlanetScale is a profitable company with a philosophy centered around building small teams of p99 individuals and is recognized as one of the fastest growing companies in America.</p> <p&