Amplitude is a leading digital analytics platform that helps companies unlock the power of their products. More than 2,300 customers, including Atlassian, Jersey Mike’s, NBCUniversal, Shopify, and Under Armour, rely on Amplitude to gain self-service visibility into the entire customer journey. Amplitude guides companies every step of the way as they capture data they can trust, uncover clear insights about customer behavior, and take faster action. When teams understand how people are using their products, they can deliver better product experiences that drive growth.
As an organization, we approach challenges with humility, take ownership of our contributions, and embrace a growth mindset that pushes us to constantly improve ourselves, each other, and the value we bring to customers and partners.
Amplitude’s Commitment to Diversity Equity & Inclusion (DEI): Amplitude believes that diversity enables the creation of better products, improves the ability to solve complex problems, and drives more powerful solutions. We strive to create an environment of inclusion—one focused on psychological safety, empathy, and human connection—that will allow employees of all backgrounds to thrive.
About The Role & Team
As a Security Engineer, you will help identify and drive impactful projects to improve the security of Amplitude’s platform, products, and internal systems. The mission of the Amplitude Security team is to help Ampliteers ship the most secure product to our users. We are looking for security generalists with a strong grasp of security and engineering fundamentals. You will partner closely with teams across the company and focus on systemic security improvements and risk reduction. You will also maximize your security skills to support and participate in operational security responsibilities like security reviews and consulting, threat research/bug-bounty triage, incident response, and risk management.
As a Security Engineer, you will:
- Perform technical security assessments, code audits, and design reviews
- Clearly communicate the risk of security issues to developers, including proof-of-concept code as necessary to demonstrate the potential severity
- Partner with Engineering to establish comprehensive visibility into potential risk events across a cloud-native environment
- Create and refine telemetry, detection capabilities, and response playbooks required to detect, prevent, and respond to cyber risk events efficiently
- Manage risks by implementing robust security capabilities for repeatable predictable outcomes and maturation, and by coordinating incident response workflows
- Influence Engineering and Product teams to prioritize and implement all stages of the Vulnerability Management life-cycle - detection, analysis, remediation and disclosure
- Participate in team on-call rotation to support our penetration-testing, bug-bounty, and vulnerability-management programs
You'll be a great addition to the team if you have:
- 4+ years of security engineering experience OR equivalent experience in a SWE/DevOps role and an interest in working on security engineering initiatives
- Familiarity with security detection techniques (SAST, DAST, IAST, SCA), threat modeling frameworks (OWASP, MITRE, STRIDE, DREAD), and how they are used together to improve product security through design reviews
- A solid understanding of modern software development principles and design patterns, including the ability to write clean, efficient, and maintainable code (in Java, Typescript, Python, etc.)
- Familiarity with Agile, DevOps, CI/CD, and cloud-based infrastructure like AWS
- Curiosity and a willingness to learn
Amplitude provides equal employment opportunities (EEO). All applicants are considered without regards to race, color, religion, national origin, age, sex, marital status, ancestry, physical or mental disability, veteran status, or sexual orientation.
This role is eligible for equity, benefits and other forms of compensation.
Based on Colorado law, the following details are for individuals who will work for Amplitude in Colorado. Colorado range: $147,000 - $221,000 total target cash (inclusive of bonus or commission)
Based on legislation in New York City, the following details are for individuals who will work for Amplitude in New York City. New York City salary range: $164,000 - $246,000 total target cash (inclusive of bonus or commission)
Based on legislation in California, the following details are for individuals who will work for Amplitude in San Francisco Bay Area of California. Salary range: $164,000 - $246,000 total target cash (inclusive of bonus or commission)
Based on legislation in California, the following details are for individuals who will work for Amplitude in California outside of the San Francisco Bay Area. California salary range: $147,000 - $221,000 total target cash (inclusive of bonus or commission)
Based on legislation in Washington state, the following details are for individuals who will work for Amplitude in Washington state. Washington salary range: $147,000 - $221,000 total target cash (inclusive of bonus or commission)
Based on legislation in Washington state, the following details are for individuals who will work for Amplitude in Washington only: unlimited PTO, 10 to 13 holidays annually (will vary), medical dental and vision PPO and CDHP plans. Finally, a company sponsored 401(k) retirement plan.
#LIJJ1
#LI-Hybrid
By applying for this job, you acknowledge that Amplitude processes your personal data in accordance with the Amplitude Applicant Privacy Notice.