NetBox Labs

Senior Security Engineer

NetBox Labs, New York, New York, us, 10261


Security Engineer (DevSecOps)

Role Overview

NetBox Labs is seeking a Senior Security Engineer with a strong DevSecOps mindset to lead the technical backbone of our security program - bringing together automation, infrastructure security, and proactive threat detection. This hands‑on role will architect and operate systems that secure our code, cloud, supply chain, and collaboration environments, driving visibility, resilience, and trust across everything we build.

Reporting to the CTO within the IT/Infosec organization, this role serves as the technical counterpart to the IT/Infosec Manager.

You’ll work closely with our engineering leadership (Directors and Principals) to embed security practices into development and operations workflows - helping teams build, deploy, and maintain secure systems without being directly involved in product building. You’ll design and automate identity and access systems, manage integrations across key platforms, and lead the operation of company logging, detection, and data protection systems - including SIEM, DLP, and audit pipelines - to ensure visibility, resilience, and fast incident response.

Responsibilities

Enable and guide teams to adopt DevSecOps practices, ensuring security is built into CI/CD and infrastructure pipelines through shared standards, tooling, and best practices.

Work with IT Manager on company identity and access management: IdP configuration, user/group organization, and automation via cross‑platform synchronization and SAML.

Administer and automate GitHub Enterprise and JFrog management (users, teams, org policies, and compliance) using IaC.

Operate and tune SIEM, DLP, and centralized logging systems; define and maintain detection and alerting rules.

Review audit logs and security telemetry across cloud, SaaS, and developer systems for anomalies and compliance issues.

Work with IT Manager to build automated onboarding/offboarding and access reviews aligned with least‑privilege principles.

Collaborate with platform, product, and engineering teams to design secure‑by‑default workflows, infrastructure, and deployment practices, ensuring consistent security controls across products.

Conduct risk assessments, tabletop exercises, and threat simulations in concert with engineering and operations teams, ensuring security readiness is collaborative and integrated.

Lead and coordinate penetration testing efforts, including scoping, vendor engagement, and remediation tracking.

Support SOC 2 and related compliance efforts through control validation and evidence collection.

Help respond to and complete customer and vendor security questionnaires, collaborating with compliance and engineering teams to ensure accurate and timely answers.

Requirements

5+ years in security, IT, DevSecOps, or platform engineering roles.

Deep understanding of identity management, SSO, and federation (Google Workspace, Okta, Auth0, OIDC/SAML).

Experience managing and automating users, groups, org policies, and compliance controls on systems like AWS, GCP, GitHub Enterprise, and JFrog.

Experience implementing and improving software supply chain security, including integrating security into CI/CD pipelines (e.g., GitHub Actions).

Experience managing SIEM/DLP platforms (e.g., Datadog, Splunk) and writing detection rules.

Strong automation skills (Python, Go) and proficiency with infrastructure‑as‑code (Terraform).

Familiarity with SOC 2 and security frameworks (NIST, CIS, OWASP).

Excellent communication and documentation skills.

Nice to Have

Experience integrating audit logs and SaaS data sources into SIEM/DLP pipelines.

Knowledge of secure AWS architecture and best practices for identity, networking, and workload protection.

Background in threat detection engineering or security observability.

Open‑source or community security contributions.

Experience with AI‑assisted security tools (Copilot, ChatGPT, Cursor).

Our culture and values:

We own and solve problems with high attention to detail.

Our open source contributors, users, customers & team are all part of our community. When our community wins, we win.

We prioritize simplicity and think twice before adding complexity.

Clear communication helps keep our team aligned and collaborating smoothly.

About NetBox Labs: NetBox Labs helps companies build and manage complex networks. We help customers accelerate network automation by delivering open, composable products and supporting the network automation community.

NetBox Labs is the commercial steward of open source NetBox, the world’s most popular network source of truth, and Orb, the next‑generation open source network observability platform. Our products include NetBox Enterprise, a fully supported self‑managed NetBox with advanced features, and NetBox Cloud, a secure, scalable, and reliable SaaS edition of NetBox.

NetBox powers thousands of companies, and NetBox Labs is backed by investment from Notable Capital (formerly GGV), Grafana Labs CEO Raj Dutt, Flybridge, IBM, Salesforce Ventures, and Mango Capital.
