Security Engineer

PostHog Inc.

Job Overview

Location

Remote

Job Type

Full-time

Full Job Description

📋 Description

• As a Security Engineer at PostHog, you will play a pivotal role in safeguarding the data and infrastructure of over 100,000 companies that rely on PostHog’s open-source product analytics and expanding suite of business tools. This is not a maintenance role—you will be building the security function from the ground up, shaping detection pipelines, incident response, and security culture in a high-growth, transparent, and autonomous environment where your work directly protects customer trust and enables fearless innovation.
• Your day-to-day responsibilities will include triaging and tuning Wiz alerts to convert noise into actionable findings, leading incident detection and response for threats such as compromised NPM packages or suspicious IAM activity, building custom detection pipelines to close network observability gaps, proactively threat hunting in AWS environments, managing the Vulnerability Disclosure Program (VDP) and guiding its evolution toward a formal bug bounty, enabling product squads through threat modeling and secure design reviews, and fostering a security culture where engineers view security as an enabler, not a blocker.
• PostHog is a remote-first, product-led company that has shipped over a dozen products including a built-in data warehouse, customer data platform, and AI-powered analyst. Backed by over $100M in funding and growing revenue at 10% MoM, the company operates with radical transparency, default async communication, meeting-free Tuesdays and Thursdays, and a maker’s schedule that prioritizes deep work. Teams are autonomous, small, and empowered to ship fast—engineers lead product teams and make product decisions, and security is treated as a collaborative force.
• In this role, you will have the rare opportunity to build a security program from scratch in a company that values autonomy, transparency, and shipping fast. You’ll gain deep influence over security tooling, culture, and processes, directly impact the protection of thousands of customer datasets, and work alongside engineers who trust and collaborate with security—making this one of the most impactful and rewarding security roles in a high-growth tech environment.

🎯 Requirements

• 3-5+ years of experience in security engineering with a strong focus on AWS, including deep familiarity with IAM, VPC logs, and CloudTrail.
• Proven experience using CSPM/CNAPP tools (such as Wiz or Prisma Cloud) and building detection pipelines that engineers trust and act upon.
• Demonstrated ability to lead incident response efforts, including coordination across teams, containment, and post-mortem leadership under pressure.
• Strong engineering skills, including the ability to read, understand, and write code to analyze exploits, vulnerabilities, and detection logic.
• Exceptional communication and collaboration skills, with a mindset focused on enabling engineers through constructive guidance rather than obstruction.
• High autonomy and self-direction—comfortable making decisions and executing security initiatives without prescribed playbooks or SOC oversight.

🏖️ Benefits

• Fully remote work with flexible hours and a makers’ schedule—no meetings on Tuesdays and Thursdays to protect deep work time.
• Transparent culture with access to company revenue, board meeting notes, fundraising plans, and salary formulas via the public handbook.
• Opportunity to build and shape a security function from scratch in a high-growth, open-source company with real impact on thousands of customers.
• Collaborative, trust-based environment where security partners with engineering to enable safe innovation, not block it.
• Access to cutting-edge tools like Wiz and the autonomy to define and implement detection, observability, and threat hunting capabilities.
• Support for professional growth and accommodation requests—PostHog is committed to inclusivity and accessibility in the hiring process.

Skills & Technologies

AWS

GitHub

Remote

Ready to Apply?

Apply Externally

You will be redirected to an external site to apply.

PostHog Inc.

Visit Website

About PostHog Inc.

PostHog provides an open-source product analytics platform that lets teams track user behavior, run A/B tests, and gather feedback without sending data to third parties. The self-hosted or cloud service captures events, pageviews, feature flags, and session recordings, then surfaces insights through dashboards, funnels, retention, and cohort analysis. Engineers can instrument code once and non-technical teammates can query results using SQL or visual builders. The company maintains the core project under an MIT license and offers paid tiers for enterprise support, higher volumes, and advanced features such as correlation analysis, data pipelines, and team collaboration tools.

View Company Profile

Get more remote jobs like this

Subscribe to the weekly newsletter for similar remote roles and curated hiring updates.

Weekly remote jobs and featured talent.

No spam. Only curated remote roles and product updates. You can unsubscribe anytime.