Security Operations Engineer
3w ago
Juniorguarddutyfrontmfa
Entry-level Security Operations Engineer role to provide 24-hour security alert triage, customer security ticket handling, and support internal IT operations.
About the company
- Supabase was born-remote and open-source-first. We believe our globally distributed team is our secret weapon in building tools developers love.
- 280+ team members
- 55+ countries
- 20+ languages spoken
- $500M raised
- 500,000+ community members
- We move fast, build in public, and use what we ship. If it’s in your project, we probably use it in ours too. We believe deeply in the open-source ecosystem and strive to support—not replace—existing tools and communities.
Responsibilities
- We’re looking for a Security Operations Engineer to join our Product Security team and help provide front-line coverage for security alerts, customer security tickets, and internal IT requests as Supabase continues to scale.
- This is an entry-level role designed for someone with strong judgment, curiosity, and clear communication. You’ll be one of three Security Operations Engineers working in a follow-the-sun rotation across New Zealand/Australia, Sri Lanka, and US Eastern, helping Supabase maintain effective 24-hour coverage for security-relevant work. You’ll triage alerts, handle customer security requests, support internal IT operations, improve runbooks, and escalate clearly to the right teams when issues need deeper investigation.
Nice to have
- Familiarity with Postgres, AWS, or developer tools ecosystems.
- Experience with Front, Linear, Notion, Okta, Google Workspace, Kandji, Jamf, Vanta, or similar tools.
- Open-source contributions, CTF participation, bug bounty experience, or a personal project that shows security curiosity.
- Experience improving support, SOC, trust and safety, fraud, or IT workflows, or basic scripting and automation experience.
Conditions
- Fully Remote We hire globally. We believe you can do your best work from anywhere. There are no Supabase offices, but we provide a WeWork membership or co-working allowance you can use anywhere in the world.
- ESOP Every team member receives ESOP (equity ownership) in the company. We want everyone to share in the upside of what we’re building together.
- Tech Allowance Use this budget to set up your ideal work environment—laptop, monitor, headphones, or whatever helps you do your best work.
- Health Benefits Supabase covers 100% of health insurance for employees and 80% for dependents, wherever you are. Your wellbeing and your family’s health are important to us.
- Annual Off-Sites Once a year, the entire company gathers in a new city for a week of connection, collaboration, and fun. It’s a highlight of our year.
- Flexible Work We operate asynchronously and trust you to manage your own time. You know what needs to be done and when.
- Professional Development Every team member receives an annual education allowance to spend on learning—courses, books, conferences, or anything that supports your growth.
How to apply
- We keep things simple, async-friendly, and respectful of your time:
- Apply – Our team will review your application.
- Intro Call – A short video chat to get to know each other.
- Interviews – Up to four calls with: Team Leads
- Future teammates
- Someone cross-functional from product, growth, or engineering (depending on the role)
- Someone from our leadership/founding team
- Decision – We may follow up with a final question or go straight to offer.
- All communication is remote and we aim to move fast.
Other
- Supabase is the Postgres development platform, built by developers for developers. We provide a complete backend solution including Database, Auth, Storage, Edge Functions, Realtime, and Vector Search. All services are deeply integrated and designed for growth.
- In this role, you’ll:
- First Response & Triage: Act as the first responder for security alerts from GuardDuty, dependency advisories, and other detection sources. Assess severity and escalate to the right lead across Platform, Product, Anti-Abuse, or Security.
- Customer Security Operations: Own customer security tickets in Front, including account recovery, MFA reset, GitHub-linked account loss, billing-based ownership verification, and org ownership disputes.
- Incident Response Support: Participate in the on-call pager rotation alongside other Security Operations Engineers and use documented playbooks to make consistent decisions.
- Process Improvement: Maintain and improve runbooks, decision trees, Front macros, and escalation paths. Identify patterns in tickets and alerts to flag opportunities for automation or workflow improvements.
- Internal IT Support & Compliance: Triage internal IT requests (access provisioning, SSO/Okta issues, device questions, MDM enrollment) and help maintain access records, joiner-mover-leaver hygiene, and compliance audit trails.
- Communication: Communicate clearly with customers, engineers, and internal stakeholders during sensitive or time-critical issues.
- Have prior experience in technical support, IT helpdesk, junior SOC analysis, trust and safety, fraud operations, or a similar triage-heavy environment.
- Have a foundational understanding of security concepts like MFA, JWTs, identity verification, account recovery, and access control.
- Have a foundational understanding of IT systems like SSO, identity providers, Google Workspace, Okta, and MDM tools like Kandji, Jamf, or similar.
- Are comfortable with a terminal, basic SQL, and reading simple scripts or macros (you do not need to be a developer).
- Can summarize a messy ticket or noisy alert in two sentences that explain what matters and what should happen next.
- Have strong customer-facing judgment and can stay calm, precise, and firm when handling sensitive access or account issues.
- Enjoy turning ambiguous workflows into clear checklists, runbooks, macros, and repeatable systems.
- Are comfortable working async across time zones and writing things down by default.