Remote Jobs

We’ve curated the top remote jobs from the world’s leading companies.

Subscribe to our newsletter to get notified about the newest remote job opportunities.

Unsubscribe at anytime. Privacy policy

Posted 5 months ago

If this role seems interesting, irrespective of your location or identities, please reach out.
Even if you don't think you meet all of the criteria but still are interested in the job, please apply. Nobody checks every box, and we're looking for someone excited to join our team. We'd love to hear from you.
Metabase is the easiest way for people to get insights from their data, from tiny startups who get up and running quickly to major corporations with tens of thousands of users. That's why people love us.
We bring data tools with the elegance and simplicity of consumer products to the crufty world of enterprise business intelligence. We provide an opinionated open source starting point for how companies should measure, analyze and share their data, which is used by tens of thousands of companies.
The core Metabase product is the primary interface between humans and the data for an organization and as such is a critical piece of infrastructure for our users. Our core product contains complex primitives managing data access permissions and sandboxed access to data in a variety of environments. We're looking to make a key hire to help build out our knowledge and capabilities in application security, and ultimately allow the broader engineering team to move quickly without compromising on security.

You Will
  • Create and execute on a backlog of security enhancements to the core product
  • Audit and review code to improve secure coding practices and level up the team
  • Partner with engineering teams to help design secure solutions
  • Be a security subject matter expert and answer questions
  • Lead security initiatives across the company

Skills and Experience
  • Excellent written and verbal communication skills
  • Strong software engineering experience in a production environment across multiple programming languages (bonus if this list includes Clojure and Javascript)
  • A track record of of past projects demonstrating significant improvements to application security in one or more deployed products
  • Can demonstrate an ability to find security design flaws and implementation bugs
  • Strong application security skills - you can think like an attacker and develop threat models, are conversant with web browser security controls and best practices, are familiar with common web application and security vulnerabilities and mitigations, and have expertise with web security standards such as CPS, CORS, and emerging standards and technologies
  • Bonus: past experience scaling security through abstraction improvements and educational initiatives
We're a global team (50% outside of the US), fully distributed (from Thailand to Hawaii), who gets things done asynchronously, with plenty of uninterrupted time, supporting each other to do the best work of our careers.
We're relentlessly user-focused and believe in building long-term value, not short-term hacks. And we just raised a $30M Series B to take our approach to the next level for years to come.