Security Engineer, Platform

Resend is growing fast, and there are now over 2 million developers using it. As the Platform Squad, we are responsible for the internal platform and reliability foundations that let Resend teams build, deploy, observe, and operate services safely. This role is fully remote based in Americas or European timezones, with some expected travel for team offsites, conferences, meetups, and more. Read more about how we work, how we hire, and what we value here https://resend.com/handbook. IN THIS ROLE, YOU WILL… - Build and improve the security foundations of Resend’s platform, including API keys, service permissions, secrets management, tenant isolation, audit logs, and internal access controls - Help design secure defaults for new services, workers, queues, databases, internal tools, and deployment pipelines - Improve detection and response for suspicious access, leaked credentials, abnormal sending behavior, privilege changes, and sensitive system events - Review and update our processes/pipelines so that security is “built-in”, not “bolt-on” - Raise the security bar YOU WILL BE A GREAT FIT IF YOU... - Have experience securing production infrastructure, cloud environments, APIs, developer platforms, or multi-tenant SaaS products - Can write code and are comfortable reading application, infrastructure, and deployment code - Understand authentication, authorization, secrets, IAM, logging, audit trails, incident response, and secure deployment pipelines. - Independently prioritize and drive your day-to-day as the first dedicated security hire - Prefer practical improvements over heavy processes - Are low-ego, direct, curious, and willing to learn from others - Care about developer experience and believe security should be easy to adopt YOU WILL BE AN EXCEPTIONAL FIT IF YOU ALSO... - Have experience with email infrastructure, transactional email, sender reputation, domain verification, SPF, DKIM, DMARC, webhooks, or abuse prevention - Have secured cloud infrastructure using tools like AWS, Terraform, Kubernetes, Cloudflare, or similar systems - Have experience with open source security, GitHub organization hardening, package publishing, dependency review, or supply-chain security - Have helped a company prepare for SOC 2, ISO 27001, GDPR, enterprise security reviews, or customer trust processes without turning engineering into a compliance machine - Have built security observability, alerting, detection pipelines, or incident response workflows - Have worked closely with Trust & Safety, anti-abuse, fraud, or platform integrity teams - Have experience designing security systems for high-scale developer products WHAT IT MEANS TO JOIN THE TEAM: - Autonomy to "just ship it" - 100% remote team with flexible working schedules - Modern tech stack (Next.js, Raycast, Notion, etc.) - Honest and low-ego team - Ownership of problems and solutions - Comp: $120,000 - $140,000 USD, commensurate with experience ABOUT RESEND We are building the modern email sending platform for developers. We care deeply about quality, craft, and the developer experience. Our fully remote team of 45 spans 13 countries and counting. We're backed by a16z, Y Combinator, and others. Meet the humans → https://resend.com/humans