Security Engineer

This role operates on a hybrid schedule requiring two days of in-office per week. The position can be based in either our San Francisco office or our new New York City office.

We are seeking a Security Engineer to join our lean and high-impact team. Reporting to the Security Engineering Manager and working closely with two Senior Security Engineers, you will play a crucial supporting role in executing technical security initiatives and driving continuous security improvements. This role offers high potential for growth and is an excellent opportunity for a talented individual looking to significantly expand their career in a modern, cloud-native environment.

The ideal candidate is technically versatile, detail-oriented, and driven to learn. Candidates with a strong Software Development background, coupled with a keen interest in pivoting into security engineering, are encouraged to apply.

• Implement and manage technical security controls, WAF rules, and secure CI/CD pipelines aligned with CIS requirements.
• Execute vulnerability management programs and system hardening, collaborating with development teams to remediate findings.
• Build security automation and refine detection rules for SIEM/EDR platforms to enhance response capabilities.
• Participate in the on-call rotation to triage alerts and assist with incident response.
• Conduct security vendor reviews and manage responses to external security questionnaires.
• Maintain security documentation, policies, and partner with IT on corporate security initiatives.

We value diverse technical backgrounds and a proven track record of strong execution. Candidates should meet one or more of the following experience criteria and possess the required technical skills.

• Security Analyst/Security-Adjacent: 5+ years of experience in a Security Analyst or similar role, demonstrating a clear path of growth toward security engineering.
• Security Engineer: 3+ years of direct experience working as a Security Engineer.
• Software Developer (SDE) Pivot: 5+ years of experience in a Software Development role, with 1+ year of experience working in security or security-adjacent roles (e.g., implementing security libraries, running security tools).

• Proficiency with AWS and/or GCP and experience securing cloud-native infrastructure (Docker, Kubernetes, Terraform).
• Strong scripting and automation skills (e.g., Python, Bash, Go).
• Experience with SIEM/EDR tools, alert triage, and incident response workflows.
• Knowledge of WAF management, CI/CD security integration, and secure coding principles.
• Ability to manage vulnerability scanning, remediation lifecycles, and system hardening.
• Experience conducting third-party vendor reviews and responding to security questionnaires.

• Direct experience and strong knowledge of developing or securing applications built with TypeScript and Node.js is highly desirable
• Experience with or knowledge of data streaming platforms such as Kafka.
• Exposure to SOC 2, CIS, or general compliance control frameworks.
• Relevant Certifications (e.g., GSEC, Security+, CKS, AWS Security, etc.).

At Taskrabbit, our approach to compensation is designed to be competitive, transparent, and equitable. Total compensation consists of base pay + bonus + benefits + perks. The base pay range for this position is $107,000 - $142,000. This range is representative of base pay only, and does not include any other total cash compensation amounts, such as company bonus or benefits. Final offer amounts may vary from the amounts listed above and will be determined by factors including, but not limited to, relevant experience, qualifications, geography, and level.