Security Operations Lead
EarnestSalary not specified
- Full Time
- Senior (5 to 8 years), Expert & Leadership (9+ years)
Not SpecifiedCompensation
Junior (1 to 2 years)Experience Level
Full TimeJob Type
UnknownVisa
Information Security, Cloud Security, DevOpsIndustries
Requirements
Candidates should have 3+ years of experience in a Security Operations Center, CERT, or similar on-call/triage environment for a cloud-native product company, and experience with bug-bounty platforms (HackerOne, Bugcrowd), compliance tooling (Vanta, Drata), ticketing/CRM systems (HubSpot, Jira), and at least one log/SIEM stack. Familiarity with common frameworks such as SOC 2, HIPAA, ISO 27001, or related standards is required, along with a comfortable working style in an async-first, globally distributed team.
Responsibilities
The Security Operations Engineer will own inbound security triage, monitoring and sorting HackerOne bug-bounty reports, Vanta compliance alerts, HubSpot support tickets, and internal security requests, quickly assessing severity and business impact, filing actionable tickets, and routing them to the relevant product teams. They will manage and improve security tooling, including overseeing and maintaining the Mobile Device Management system (Jamf) and EDR, triage and follow up on IDS alerts, coordinating with Engineering and Infrastructure teams where needed, and drive incident response & follow-through by coordinating investigation, remediation, and post-mortem activities. The role also involves tracking SLAs, chasing blockers, and closing the loop with reporters, tuning alert rules, improving duplicate/false-positive handling, and feeding lessons learned back into detections and playbooks, as well as supporting compliance & assurance initiatives by collecting evidence for audits and partnering with the Security Engineering and Compliance teams to turn operational gaps into long-term control improvements. Additionally, the Security Operations Engineer will champion security culture by responding to ad-hoc security questions, contributing to internal training, FAQs, and knowledge-base articles, and ensuring alerting systems and workflows remain effective, actionable, and low-noise.
Skills
Security Monitoring
Security Tooling
IDS
Incident Response
Security Automation
Compliance (SOC 2, HIPAA)
Security Incident Management
Security Playbooks
Security Metrics
Security Culture
Supabase
Open-source backend service for developers
About Supabase
Supabase provides an open-source backend as a service (BaaS) platform that helps developers and businesses create scalable applications more easily. It offers real-time databases, authentication, and storage solutions, all designed to integrate smoothly into existing workflows. This means developers can focus on building their applications without needing to spend a lot of time on backend development. Supabase operates on a freemium model, where users can access basic services for free, while advanced features are available through paid subscriptions. This approach allows it to cater to various user needs. What sets Supabase apart from its competitors is its open-source nature, which allows users to customize the platform and benefit from community-driven enhancements. The company aims to provide a reliable and efficient solution for developers, ensuring high uptime for applications that are critical to their users.
Key Metrics
Singapore, SingaporeHeadquarters
2020Year Founded
$190.8MTotal Funding
SERIES_CCompany Stage
Consumer Software, Enterprise SoftwareIndustries
51-200Employees