supabase - Security Operations Engineer
Upload My Resume
Drop here or click to browse · Tap to choose · PDF, DOCX, DOC, RTF, TXT
Requirements
• Familiarity with Postgres, AWS, or developer tools ecosystems. • Experience with Front, Linear, Notion, Okta, Google Workspace, Kandji, Jamf, Vanta, or similar tools. • Open-source contributions, CTF participation, bug bounty experience, or a personal project that shows security curiosity. • Experience improving support, SOC, trust and safety, fraud, or IT workflows, or basic scripting and automation experience.
Responsibilities
• First Response & Triage: Act as the first responder for security alerts from GuardDuty, dependency advisories, and other detection sources. Assess severity and escalate to the right lead across Platform, Product, Anti-Abuse, or Security. • Customer Security Operations: Own customer security tickets in Front, including account recovery, MFA reset, GitHub-linked account loss, billing-based ownership verification, and org ownership disputes. • Incident Response Support: Participate in the on-call pager rotation alongside other Security Operations Engineers and use documented playbooks to make consistent decisions. • Process Improvement: Maintain and improve runbooks, decision trees, Front macros, and escalation paths. Identify patterns in tickets and alerts to flag opportunities for automation or workflow improvements. • Internal IT Support & Compliance: Triage internal IT requests (access provisioning, SSO/Okta issues, device questions, MDM enrollment) and help maintain access records, joiner-mover-leaver hygiene, and compliance audit trails. • Communication: Communicate clearly with customers, engineers, and internal stakeholders during sensitive or time-critical issues. • YOU MIGHT BE A GOOD FIT IF YOU • Have prior experience in technical support, IT helpdesk, junior SOC analysis, trust and safety, fraud operations, or a similar triage-heavy environment. • Have a foundational understanding of security concepts like MFA, JWTs, identity verification, account recovery, and access control. • Have a foundational understanding of IT systems like SSO, identity providers, Google Workspace, Okta, and MDM tools like Kandji, Jamf, or similar. • Are comfortable with a terminal, basic SQL, and reading simple scripts or macros (you do not need to be a developer). • Can summarize a messy ticket or noisy alert in two sentences that explain what matters and what should happen next. • Have strong customer-facing judgment and can stay calm, precise, and firm when handling sensitive access or account issues. • Enjoy turning ambiguous workflows into clear checklists, runbooks, macros, and repeatable systems. • Are comfortable working async across time zones and writing things down by default.
Benefits
• We hire globally. We believe you can do your best work from anywhere. There are no Supabase offices, but we provide a WeWork membership or co-working allowance you can use anywhere in the world. • Every team member receives ESOP (equity ownership) in the company. We want everyone to share in the upside of what we’re building together. • Tech Allowance • Use this budget to set up your ideal work environment—laptop, monitor, headphones, or whatever helps you do your best work. • Supabase covers 100% of health insurance for employees and 80% for dependents, wherever you are. Your wellbeing and your family’s health are important to us. • Annual Off-Sites • Once a year, the entire company gathers in a new city for a week of connection, collaboration, and fun. It’s a highlight of our year. • Flexible Work • We operate asynchronously and trust you to manage your own time. You know what needs to be done and when. • Professional Development • Every team member receives an annual education allowance to spend on learning—courses, books, conferences, or anything that supports your growth.
No credit card. Takes 10 seconds.