Weedmaps is hiring a Security Engineer to contribute directly to the resilience of our entire platform. You’ll ensure the security readiness of our infrastructure, internal systems, and development lifecycle by designing and implementing efficiencies that reduce time-to-remediate and scale practices through self-service tooling.

What You'll Do

Design, build, and maintain security tools, scripts, and automations to enhance the effectiveness and efficiency of security workflows.
Partner with Engineering teams to manage and drive remediation of security vulnerabilities identified via internal and external sources.
Evaluate and prioritize security risks based on industry standards (e.g., CVSS, CWE) and business context to ensure timely risk reduction.
Recommend, implement, and optimize technical controls to effectively reduce organizational risk.
Ensure security policies and standards are being properly applied throughout the entire organization.
Manage and optimize a suite of security tools, including SOAR, EDR, DLP, and other solutions.
Author Agile stories, estimate story points, assist with sprint planning, and retrospectives.
Maintain and create secure development best practices for our engineering teams.
Identify risks in software architecture and internal development processes.
Participate in a rotating on-call schedule for incident monitoring and triaging of security-related events.

What We're Looking For

5+ years of experience in Information Security, DevSecOps, or a combined background in DevOps/Software Engineering, with a focus on vulnerability management and technical security assessments.
Deep technical understanding of modern systems architecture, including Cloud (AWS), containers/orchestration (Kubernetes, Docker), and serverless workflows.
Experience with vulnerability analysis, including understanding CVEs, and identifying/remediating security issues within application code.
Proficiency in a Git-based development environment, including workflows like CI/CD, PRs, and repository management.
Experience integrating security tooling into CI/CD pipelines and using Agile/Lean methodologies with tools like JIRA/Confluence.
Literacy in at least one modern programming or scripting language (e.g., Python, Ruby, Java, JavaScript).
Experience designing, building, or operating SOAR or SIEM platforms, and utilizing system metrics for security monitoring and alerting.
Effective written and verbal communication skills, with a proven ability to collaborate and drive security initiatives across technical and non-technical teams.

Nice to Have

Knowledge of security standards and compliance frameworks (e.g., PCI, SOC2, NIST 800-53).
2+ years working directly on a DevOps or DevSecOps team.
Expertise in Infrastructure-as-Code (IaC), including using Terraform to manage and implement secure cloud architectures (AWS).
Experience building pipelines for Continuous Delivery and integrating SDLC security tooling and flexible automations.
Advanced experience with security operations technologies, including SOAR/SIEM solutions, incident response, and root cause analysis.
Ability to perform security troubleshooting in complex cloud and container environments.
Relevant security certifications (CISSP, CCSP, GCIA, GCIH) are a plus.
Proven ability to drive organizational change regarding security and a passion for innovative security projects.
Comfortable working in a fast-paced, rapidly scaling, and complex product environment.

Technical Stack

AWS, Kubernetes, Docker, Terraform, Python, Ruby, Java, JavaScript, SOAR, SIEM, EDR, DLP, CI/CD, Git

Team & Environment

You’ll be part of the Information Security team, collaborating with IT, Software Engineering, and other teams as the technical interface.

Benefits & Compensation

Compensation: $149,500 - $169,202 per year
Physical Health (Medical, Dental & Vision): 100% employer-paid premium for employees, up to 80% coverage for dependents
Company HSA contribution with the High Deductible Health Plan
401(k) Retirement Plan with employer match up to 3.5% of employee contribution
Basic Life, Voluntary Life and AD&D Insurance options
Student Loan Repayment/529 Education Savings with a monthly company contribution
FSA (Medical, Dependent, Transit and Parking)
Critical Illness Insurance
Accident Insurance
Short- and Long-term Disability Insurance
Pet Insurance
Identity theft protection
Legal access to a network of attorneys
PTO, paid sick leave, and company holidays (including a 2026 holiday shutdown)
Paid parental leave

Work Mode

This is a remote position.

Weedmaps is an equal opportunity employer and makes employment decisions on the basis of merit. The Company prohibits unlawful discrimination against employees or applicants based on race, religion, color, national origin, ancestry, disability, medical condition, genetic information, marital status, sex, gender, gender identity, gender expression, age, military status, veteran status, sexual orientation, transgender identity, citizenship status, pregnancy, or any other consideration made unlawful by federal, state, or local laws.