SupabaseSU

Security Operations Engineer

Supabase is an open source Firebase alternative. Start your project with a Postgres database, Authentication, instant APIs, Edge Functions, Realtime subscriptions, and Storage.

Supabase

Employee count: 51-200

Supabase is an open-source, fully remote company building developer tools for Postgres—and now running 3 million+ managed database instances in production. Safeguarding that data is core to our mission.

We’re hiring a Security Operations Engineer to be the frontline guardian of our cloud platform, turning raw alerts into resolved issues and ensuring every team at Supabase stays secure by default.

You will:

  • Own inbound security triage

    • Monitor and sort HackerOne bug-bounty reports, Vanta compliance alerts, HubSpot support tickets, and internal security requests.

    • Quickly assess severity and business impact, file actionable tickets, and route them to the relevant product teams.

  • Manage and improve security tooling

    • Oversee and maintain our Mobile Device Management system (Jamf), EDR and other security related tooling

    • Triage and follow up on IDS alerts, coordinating with Engineering and Infrastructure teams where needed.

    • Ensure alerting systems and workflows remain effective, actionable, and low-noise.

  • Drive incident response & follow-through

    • Coordinate investigation, remediation, and post-mortem activities for security events.

    • Track SLAs, chase blockers, and close the loop with reporters - ensuring clear, timely communication throughout.

  • Keep our security signals healthy

    • Tune alert rules, improve duplicate/false-positive handling, and feed lessons learned back into detections and playbooks.

    • Maintain and refine runbooks, workflows, and metrics dashboards for continuous improvement.

  • Support compliance & assurance initiatives

    • Collect evidence from resolved findings for SOC 2 and HIPAA audits.

    • Partner with the Security Engineering and Compliance teams to turn operational gaps into long-term control improvements.

  • Champion security culture

    • Respond to ad-hoc security questions from engineers, sales, and support.

    • Contribute to internal training, FAQs, and knowledge-base articles to raise the overall security IQ of the company.

You are …

  • Experienced in security operations. 3 + years in a Security Operations Center, CERT, or similar on-call/triage environment for a cloud-native product company.

  • Tool-savvy. Comfortable with bug-bounty platforms (HackerOne, Bugcrowd), compliance tooling (Vanta, Drata), ticketing/CRM systems (HubSpot, Jira), and at least one log/SIEM stack.

  • Process-oriented & relentless at follow-up. You enjoy turning chaos into checklists, measuring progress, and nudging tasks over the finish line.

  • Clear and empathetic communicator. Able to translate security jargon into developer-friendly action items and customer-friendly updates.

  • Familiar with common frameworks. Working knowledge of SOC 2, HIPAA, ISO 27001, or related standards.

  • Comfortable in an async-first, globally distributed team. You write things down, default to transparency, and can triage effectively across time zones.

Nice to have: hands-on scripting for automation, experience with threat-intel feeds, prior work in a high-volume bug-bounty program.

We offer:

  • 100% remote work from anywhere in the world. No location-based adjustment to your salary.

  • Autonomous work. We work collaboratively on projects, but you set your own pace.

  • Health, Vision and Dental benefits. Supabase covers 100% of the cost for employees and 80% for dependants

  • Generous Tech Allowance for any office setup you need

  • Annual Education Allowance

  • Annually run off-sites.

About the team

  • We're a startup. It's unstructured.

  • Collectively founded more than 30 startups.

  • Globally distributed team with more than 30 different nationalities.

  • We deeply believe in the efficacy of collaborative open source. We support existing communities and tools, rather than building "yet another xx".

  • We "dogfood" everything. If you use it in your project, we use it in Supabase.

Process

  • The entire process is fully remote and all communication will happen over email or via video chat.

  • Once you've submitted your application, the team will review your submission and may reach out for a short screening interview over a video call.

  • If you pass the screen you will be invited to up to four follow-up interviews.

  • The calls:

    • usually take between 20-45 minutes each depending on the interviewer.

    • most of the time, are all 1:1.

    • will be with the founders, a member of either the growth or engineering team (depending on the role) and usually one other person from your immediate team or function.

  • Once the interviews are over, the team will meet to discuss several roles and candidates and may:

    • ask one or two follow-up questions over email or a quick call.

    • go directly to making an offer.

About the job

Apply before

Posted on

Job type

Full Time

Experience level

Mid-level

Location requirements

Open to candidates from all countries.

Hiring timezones

Worldwide

About Supabase

Learn more about Supabase and their company culture.

View company profile

Supabase is an open source Firebase alternative, built by developers for developers. Supabase adds auth, realtime, storage, restful APIs, and edge functions to Postgres without a single line of code. Supabase was born-remote. Having a globally distributed, open source company is our secret weapon to hiring top-tier talent.

We’re on a mission to build the best developer platform.

We work together, wherever we are

Working in a globally distributed team is rewarding but has its challenges. We are across many different timezones, so we use tools like Notion, Slack, and Discord to stay connected to our team, and our community.

Human powered

As a completely remote and asynchronous team, we focus on these five traits to keep our team effective:

  • Egoless: Willing to do the schlep, the team goals come first.

  • Polyglot: Broad skillsets. Growth mindset.

  • Process Driven: Engineer yourself out of the job.

  • Intellectual Honesty: Put our own biases aside.

  • Kaizen mindset: Continuously improve all functions.

1,000 + Contributors building Supabase

We're building a community of communities, bringing together developers from many different backgrounds, as well as new developers looking to get involved with open source. We love celebrating everyone who contributes their time to the Supabase mission.

How we hire

The entire process is fully remote and all communication happens over email or via video chat in Google. Meet. The calls are all 1:1 and usually take between 20-45 minutes. We know you are interviewing us too, so please ask questions. We are happy to answer.

  1. Recruiter Interview: Chat with our recruiter to tell us about your career journey, professional goals and we'll share more about Supabase, the role & our recruitment process.

  2. Technical / Skill-based Interview: Meet with the team lead. In this interview we'll aim to learn about your hard skills and problem solving approach.

  3. Another Technical / Skill-based Interview: You'll either meet the department lead or peer. This interview will dive deeper into your hard skills and our expectations for this role.

  4. Final Founders Interview: Our co-founders meet every candidate as the final step. Learn more about Supabase's values, mission and vision directly from them.

Employee benefits

Learn about the employee benefits and perks provided at Supabase.

View benefits

Hardware budget

Use this budget for anything you need to set up your work environment from tech to office setup.

Co-working space budget

There are no Supabase offices, but we provide a co-working membership that you can use anywhere in the world.

Healthcare benefits

We provide 100% health coverage for employees and 80% for dependants. It's important to us that you & your family have health care covered.

Professional development

An annual allowance to spend on professional development and education. Use this for courses, books, conferences, or anything that supports your continuous learning.

View Supabase's employee benefits
Claim this profileSupabase logoSU

Supabase

View company profile

Similar remote jobs

Here are other jobs you might want to apply for.

View all remote jobs

11 remote jobs at Supabase

Explore the variety of open remote roles at Supabase, offering flexible work options across multiple disciplines and skill levels.

View all jobs at Supabase

Remote companies like Supabase

Find your next opportunity by exploring profiles of companies that are similar to Supabase. Compare culture, benefits, and job openings on Himalayas.

View all companies

Find your dream job

Sign up now and join over 85,000 remote workers who receive personalized job alerts, curated job matches, and more for free!

Sign up
Himalayas profile for an example user named Frankie Sullivan