Lead Security Engineer

ABOUT CODERABBIT

CodeRabbit is an innovative research and development company focused on building extraordinarily productive human-machine collaboration systems. Our primary goal is to create the next generation of Gen AI-driven code reviewers: a symbiotic partnership between humans and advanced algorithms that significantly outperforms individual engineers. We combine language models with human ingenuity to push the boundaries of software development efficiency and quality.

ROLE OVERVIEW:

CodeRabbit is on a mission to empower developers with lean, high-performance tools—they move fast, and so do the threats. That's why we're looking for a battle-tested Lead Security Engineer who’s been in the trenches and can architect, harden, and defend our infrastructure, tooling, and ecosystem.

As our Lead Security Engineer, you’ll lead security engineering at CodeRabbit, infusing security into every layer of our product and infrastructure. You become the steward of resilience, incident response, and proactive defense at scale.

RESPONSIBILITIES:

- Own the security roadmap — craft and execute a strategic security engineering plan that aligns with CodeRabbit’s fast-paced engineering cadence.

- Boost resilience — champion defense-in-depth tactics: threat modeling, secure design reviews, hardening, CI/CD integration.

- Be Incident Commander — spearhead security incident response and recovery: triage, resolve, root cause, and turn those learnings into stronger systems.

- Tools & automation — build or integrate security tooling (SAST, DAST, SIEM, EDR, monitoring) into the developer workflow without slowing delivery.

- Embed security fluently — partner with engineering and product teams to bring secure practices early into planning and daily workflows.

- Talent & culture — help to hire, coach, and mentor a scrappy, resilient security engineering team; elevate security awareness across the company.

- Compliance & policy — establish security standards, frameworks...