About Watershed
Watershed is the enterprise sustainability platform. Companies like Airbnb, Carlyle Group, FedEx, Visa, and Dr. Martens use Watershed to manage climate and ESG data, produce audit-ready metrics for voluntary and regulatory reporting including CSRD, and drive real decarbonization. We are looking for team members who love product-building, want to work hard at a mission-oriented startup, and will collaborate with us in shaping the culture of a growing team.
We have offices in San Francisco, New York, London, Paris, Berlin, Sydney, Mexico City, and remote team members across the US and Europe. We hope that you'll be interested in joining us!
The role
The Senior Security Engineer will drive the product security vision, strategy, and best practices across product teams. You'll lead threat modeling exercises, collaborate with engineering to enhance our secure software development stack and CI/CD pipeline, and manage our bug bounty programs and third-party security testing. You'll also evaluate vulnerability reports, prioritize remediation efforts, and design robust threat detection, monitoring, and incident response architectures.
In this role, you will:
Drive product security vision, strategy, and best practices across product teams
Lead security design reviews for new and existing products to identify potential security vulnerabilities
Collaborate with engineering to manage and improve the secure software development stack and CI/CD pipeline
Manage and enhance our bug bounty programs and third-party security testing
Evaluate vulnerability reports, prioritize remediation, and communicate findings
Design and build threat detection, monitoring, investigation, and response architectures
Monitor and evaluate operational/security alerts
Participate in investigations and incident response activities; build playbooks
You might be a good fit if you have:
BS in computer science, information security, or a related field or equivalent experience
5-7+ years in security engineering
Experience in growing & formalizing security programs
Strong knowledge of GCP
Deep understanding of threat modeling, risk management, and vulnerability assessment methodologies
Proficiency in multiple programming languages and familiarity with secure coding practices and frameworks such as OWASP and CIS Controls (Was SANS Top 20)
Hands-on experience with security tools and experience integrating automated security testing into CI/CD pipelines
Excellent leadership, communication, and collaboration skills, with the ability to work effectively across diverse teams
Great if you also have:
SaaS industry background
Preference is given to candidates in the San Francisco Bay Area
Join Us:
If you're passionate about climate change and have the security expertise to help us protect our mission, we want to hear from you! Apply today and be a part of the solution.
Must be willing to work from an office 4 days per week (except for remote roles)
Watershed has hub offices in San Francisco, New York, London, and Mexico City and satellite offices in Sydney, Paris, and Berlin. Where we have offices, employees are expected to be in office for 4 days per week. Certain jobs are open to being remote and will be specifically noted on the jobs page and in the job description if so.
What’s the interview process like?
It starts the same for every candidate: getting to know the team members through 1 to 2 conversations about Watershed, your experience, and your interests. Next steps can vary by role, but usual next steps are a skill or experience interview (e.g. a coding interview for an engineer, a portfolio review for a designer, deeper experience call for other roles) which leads to a virtual or in person interview panel. We prioritize transparency and lack of surprise throughout the process.
What if I need accommodations for my interview?
At Watershed, we are dedicated to ensuring an inclusive recruitment process. We provide reasonable accommodations for candidates with disabilities, long-term conditions, mental health needs, religious observances, neurodivergence, or pregnancy-related support requirements. If you need assistance during your process, please contact your recruiter.