Security Engineering Lead

Employment Type: Full-Time Location Type: Remote

Position Overview

At TigerData, formerly Timescale, we empower developers and businesses with the fastest PostgreSQL platform designed for transactional, analytical, and agentic workloads. Trusted globally by thousands of organizations, TigerData accelerates real-time insights, drives intelligent applications, and powers critical infrastructure at scale. As a globally distributed, remote-first team committed to direct communication, accountability, and collaborative excellence, we're shaping the future of data infrastructure, built for speed, flexibility, and simplicity.

We’re scaling our engineering organization and maturing our security practices to support the demands of a growing customer base. We’re looking for a pragmatic, delivery-oriented Security Engineering Lead to embed secure development practices across our engineering teams and lead the execution of key AppSec initiatives.

This is a hands-on technical leadership role with strategic impact: you'll not only deliver secure engineering practices, but also lead the definition of our application security strategy in partnership with engineering leadership. The right candidate thrives on influencing without authority, bringing people along with clarity and credibility, and driving security outcomes through partnership, not policing.

This is currently an individual contributor role, but there is clear potential to grow into a formal leadership position as we expand our security function. You’ll be instrumental in shaping how we build and scale security within Engineering, and may have the opportunity to build and lead a small team in the future.

Responsibilities

• Partner with engineering teams to embed security best practices into our SDLC—from design to deployment.
• Lead the creation and execution of our AppSec roadmap: secure code reviews, dependency scanning, threat modeling, and secrets management.
• Drive adoption of security tooling and automation in CI/CD pipelines (e.g., SAST, SCA, secret scanning).
• Influence secure design decisions across engineering by building trust and technical credibility.
• Promote a culture of secure development through enablement, documentation, and coaching, not mandates.
• Collaborate with the Cloud Platform team to ensure secure-by-default infrastructure configurations (e.g., IAM, least privilege, encryption).
• Own key security concerns related to Kubernetes and cloud-native infrastructure (GCP, AWS), ensuring cluster and workload security, service mesh protections, and least privilege IAM.
• Contribute to incident response playbooks and participate in postmortems where security is involved.
• Participate as a key player in our cross-functional compliance efforts (e.g., SOC2, ISO 27001, HIPAA).
• Stay on top of the evolving security landscape and ensure we’re continuously improving our security posture.

Requirements

• 5+ years in security engineering or software engineering with a strong application security focus.
• Experience working with development teams in high-growth or cloud-native environments.
• Strong experience with securing Kubernetes-based infrastructure in public cloud environments (GCP preferred).
• Demonstrated ability to lead without direct authority, influence roadmaps, and build alignment around security outcomes.
• Strong practical understanding of web app and API security, threat modeling, and secure software patterns.
• Proven track record of shipping security improvements that stick in codebases, pipelines, or processes.
• Experience implementing or managing security tooling.
• Effective communicator who can translate risk into clear, actionable decisions across technical and non-technical teams.
• Strong ownership mindset with the ability to lead initiatives end-to-end, and the desire to grow into a formal leadership role over time.

Nice to Have

• Familiarity with threat modeling tools and frameworks (e.g., STRIDE, IriusRisk).
• Exposure to compliance frameworks like SOC 2 or ISO 27001 is a plus.

Company Information

At TigerData, formerly Timescale, we empower developers and businesses with the fastest PostgreSQL platform designed for transactional, analytical, and agentic workloads. Trusted globally by thousands of organizations, TigerData accelerates real-time insights, drives intelligent applications, and powers critical infrastructure at scale. As a globally distributed, remote-first team committed to direct communication, accountability, and collaborative excellence, we're shaping the future of data infrastructure, built for speed, flexibility, and simplicity.