Back to jobs

Staff Security Engineer

San Francisco, CA

Amplitude is a leading digital analytics platform that helps companies unlock the power of their products. More than 3,500 customers, including Atlassian, Jersey Mike’s, NBCUniversal, Shopify, and Under Armour, rely on Amplitude to gain self-service visibility into the entire customer journey. Amplitude guides companies every step of the way as they capture data they can trust, uncover clear insights about customer behavior, and take faster action. When teams understand how people are using their products, they can deliver better product experiences that drive growth. 

As an organization, we approach challenges with humility, take ownership of our contributions, and embrace a growth mindset that pushes us to constantly improve ourselves, each other, and the value we bring to customers and partners.

Amplitude’s Commitment to Diversity Equity & Inclusion (DEI): Amplitude believes that diversity enables the creation of better products, improves the ability to solve complex problems, and drives more powerful solutions. We strive to create an environment of inclusion—one focused on psychological safety, empathy, and human connection—that will allow employees of all backgrounds to thrive.

 

About the Role:

As a Staff Security Engineer, you will focus on building and refining our cloud infrastructure security and detection & response capabilities. You’ll help secure our AWS environment, ensure proper monitoring, and implement response strategies for emerging threats. Success in this role requires not only technical excellence but also the ability to collaborate effectively across teams, especially in an environment where feature delivery pressures compete for bandwidth with security-focused work. You'll need to build strong relationships, communicate effectively, and be willing to step in and help where needed—whether that means writing a PR or helping troubleshoot issues.

 

Key Responsibilities:

  • Secure our AWS environment by implementing best practices for IAM, VPC configuration, and security monitoring.
  • Work closely with cloud platform teams to identify vulnerabilities and secure infrastructure against internal and external threats.
  • Build and automate security controls across cloud infrastructure and CI/CD pipelines.
  • Develop and maintain incident detection and response processes to ensure fast identification and mitigation of security threats.
  • Implement and manage SIEM tools to track logs, monitor cloud resource activity, and proactively identify issues.
  • Mentor junior engineers and foster security awareness across the company.
  • Conduct regular vulnerability scans, security reviews, and assessments of AWS and cloud services.
  • Support regulatory compliance requirements (SOC2, ISO), ensuring security controls are implemented in the infrastructure.
  • Collaborate closely with development teams and step in to help resolve issues directly when necessary, ensuring security improvements are effectively implemented.

 

What We’re Looking For:

  • 6+ years of experience in security engineering, with a focus on cloud infrastructure (AWS).
  • A history of using cloud-native tools like Kubernetes to “shift left” in order to build security into the foundations of the develop/build/release process.
  • Proficient in AWS security best practices, including IAM, CloudTrail, VPC, and security groups.
  • Experience with SIEM and cloud monitoring tools.
  • Familiarity with detection techniques (e.g., SAST, DAST) and incident response.
  • Experience automating security tasks using scripting languages (Python, Bash, etc.).
  • Strong understanding of infrastructure-as-code tools (Terraform, CloudFormation) and cloud security automation.
  • Excellent communication skills, with the ability to build strong relationships with engineering teams and collaborate in a sometimes high-pressure environment.
  • Willingness to go above and beyond, including submitting fixes and supporting teams directly when needed.

#LI-JJ1

#LI-Hybrid

 

"This role is eligible for equity, benefits and other forms of compensation.

Based on Colorado law, the following details are for individuals who will work for Amplitude in Colorado. Colorado range: $185,000 - $278,000 total target cash (inclusive of bonus or commission)

Based on legislation in New York City, the following details are for individuals who will work for Amplitude in New York City. New York City salary range: $204,000 - $307,000 total target cash (inclusive of bonus or commission)

Based on legislation in California, the following details are for individuals who will work for Amplitude in San Francisco Bay Area of California. Salary range: $204,000 - $307,000 total target cash (inclusive of bonus or commission)

Based on legislation in California, the following details are for individuals who will work for Amplitude in California outside of the San Francisco Bay Area. California salary range: $185,000 - $278,000 total target cash (inclusive of bonus or commission)

Based on legislation in Washington state, the following details are for individuals who will work for Amplitude in Washington state. Washington salary range: $185,000 - $278,000 total target cash (inclusive of bonus or commission)

Based on legislation in Washington state, the following details are for individuals who will work for Amplitude in Washington only: unlimited PTO, 10 to 13 holidays annually (will vary), medical dental and vision PPO and CDHP plans. Finally, a company sponsored 401(k) retirement plan."  

By applying for this job, you acknowledge that Amplitude processes your personal data in accordance with the Amplitude Applicant Privacy Notice.

Staying Safe - Protect Yourself From Recruitment Fraud
We are aware of individuals and entities fraudulently representing themselves as Amplitude recruiters and/or hiring managers. Amplitude will never ask for financial information or payment, or for personal information such as bank account number or social security number during the job application or interview process. Any emails from the Amplitude recruiting team will come from an @amplitude.com email address. You can learn more about how to protect yourself from these types of fraud by referring to this article. Please exercise caution and cease communications if something feels suspicious about your interactions.

Apply for this job

*

indicates a required field

Resume/CV

Accepted file types: pdf, doc, docx, txt, rtf



Demographic Questions - United States

To help hold ourselves accountable to our diversity and inclusion objectives, and for government reporting purposes, please take a few moments to complete the below self-identification survey. Completion of the form is entirely voluntary. Whatever your decision, it will not be considered in the hiring process or thereafter. Any information that you do provide will be recorded and maintained in a confidential file.

Why is Amplitude collecting demographic data? What is Amplitude trying to achieve by collecting this data?

Collecting demographic data is part of our commitment to inclusivity and fairness in the hiring process. Amplitude has made a commitment that all candidates experience a fair and equitable hiring process. As a data-driven company, we believe you can’t improve something if you can’t measure it. We are implementing methods to measure fairness in the Amplitude hiring process, and we need demographic data from applicants to achieve these goals. 

As set forth in Amplitude's Equal Employment Opportunity policy, we do not discriminate on the basis of any protected group status under any applicable law.

 

How do you know if you have a disability?

You are considered to have a disability if you have a physical or mental impairment or medical condition that substantially limits a major life activity, or if you have a history or record of such an impairment or medical condition.

 

How do you know if you have protected veteran status?

If you believe you belong to any of the categories of protected veterans listed below, please indicate by making the appropriate selection. Classification of protected categories is as follows:

A "disabled veteran" is one of the following: a veteran of the U.S. military, ground, naval or air service who is entitled to compensation (or who but for the receipt of military retired pay would be entitled to compensation) under laws administered by the Secretary of Veterans Affairs; or a person who was discharged or released from active duty because of a service-connected disability.

A "recently separated veteran" means any veteran during the three-year period beginning on the date of such veteran's discharge or release from active duty in the U.S. military, ground, naval, or air service.

An "active duty wartime or campaign badge veteran" means a veteran who served on active duty in the U.S. military, ground, naval or air service during a war, or in a campaign or expedition for which a campaign badge has been authorized under the laws administered by the Department of Defense.

An "Armed forces service medal veteran" means a veteran who, while serving on active duty in the U.S. military, ground, naval or air service, participated in a United States military operation for which an Armed Forces service medal was awarded pursuant to Executive Order 12985.

Select...
Select...
Select...
Select...
Select...