security
Posted 1 weeks agoSecurity Engineer, Platform
at Resend
United StatesRemote
Requirements
- experience with email infrastructure, transactional email, sender reputation, domain verification, SPF, DKIM, DMARC, webhooks, or abuse prevention - Have secured cloud infrastructure using tools like AWS, Terraform, Kubernetes, Cloudflare, or similar systems - Have
- experience with open source security, GitHub organization hardening, package publishing, dependency review, or supply-chain security - Have helped a company prepare for SOC 2, ISO 27001, GDPR, enterprise security reviews, or customer trust processes without turning engineering into a compliance machine - Have built security observability, alerting, detection pipelines, or incident response workflows - Have worked closely with Trust & Safety, anti-abuse, fraud, or platform integrity teams - Have
- experience ABOUT RESEND We are building the modern email sending platform for developers.
Benefits
- experience designing security systems for high-scale developer products WHAT IT MEANS TO JOIN THE TEAM: - Autonomy to "just ship it" - 100% remote team with flexible working schedules - Modern tech stack (Next.js, Raycast, Notion, etc.) - Honest and low-ego team - Ownership of problems and solutions - Comp: $120,000 - $140,000 USD, commensurate with
Contact
- Read more about how we work, how we hire, and what we value here https://resend.com/handbook.
- Meet the humans → https://resend.com/humans
Additional details
- Resend is growing fast, and there are now over 2 million developers using it.
- As the Platform Squad, we are responsible for the internal platform and reliability foundations that let Resend teams build, deploy, observe, and operate services safely.
- This role is fully remote based in Americas or European timezones, with some expected travel for team offsites, conferences, meetups, and more.
- IN THIS ROLE, YOU WILL… - Build and improve the security foundations of Resend’s platform, including API keys, service permissions, secrets management, tenant isolation, audit logs, and internal access controls - Help design secure defaults for new services, workers, queues, databases, internal tools, and deployment pipelines - Improve detection and response for suspicious access, leaked credentials, abnormal sending behavior, privilege changes, and sensitive system events - Review and update our - Have