Role

• Our first security-focused engineer

• Takes high-level direction (e.g., "identify top five security-related gaps for AX") and drives to results

• Success looks like a LanceDB platform that follows security-related best practices, and an ongoing partnership with other engineers to continuously enhance our security posture in all areas of the product

Day-to-day

• Select, deploy and tune security tooling across all relevant repos and environments, ensuring full coverage

• Identify and remediate security-related risks, including but not limited to cloud IAM, access controls, product vulnerabilities

• Own vulnerability management, from running our CVE program through closely working with other engineers on specific remediations

• Support periodic evidence collection and control testing for compliance commitments

• Apply relevant industry trends, best practices, and specific vulnerabilities to our product

Qualifications

• 8+ years as a software engineer

• Experience working on large-scale data platforms (e.g., databases, data infra, ML/AI systems), including work on concurrency and multitenancy

• Experience building encryption, authentication, authorization features for shipping products at high throughput

• Experience with CSP stacks, including object storage security, disk/volume encryption, key rotation, etc.

• Demonstrated ownership of ambiguous projects with minimal guidance

• Strong written and verbal communication (can drive alignment across teams)

• Comfortable using data (metrics, experiments, usage) to guide decisions

• Experience contributing to or working with open source communities

Please apply for this role only if you meet all of the above qualifications, and agree with the day-to-day responsibilities.