About the position
Amplitude is the leading digital analytics platform that helps companies unlock the power of their products. Over 4,300 customers, including Atlassian, NBCUniversal, Under Armour, Square, and Jersey Mike's, rely on Amplitude to gain self-service visibility into the entire customer journey. Amplitude guides companies every step of the way as they capture data they can trust, uncover clear insights about customer behavior, and take faster action. When teams understand how people are using their products, they can deliver better product experiences that drive growth. Amplitude is the best-in-class analytics solution for product, data, and marketing teams, ranked #1 in multiple categories in G2's Summer 2025 Report. As an organization, we approach challenges with humility, take ownership of our contributions, and embrace a growth mindset that pushes us to constantly improve ourselves, each other, and the value we bring to customers and partners.
Responsibilities
- Contribute to building and maintaining secure-by-default development patterns, libraries, and templates ('golden paths')
- Implement security checks in CI/CD workflows (e.g. GitHub Actions, Argo Workflows) and in runtime environments (e.g. Kubernetes admission controllers)
- Leverage AI/ML tools to automate code review, alert triage, log analysis, and threat detection for application-layer risks
- Write and tune rules to catch insecure code patterns and prevent critical vulnerabilities from reaching production
- Collaborate with developers to remediate security issues by offering clear guidance and, where needed, hands-on support
- Contribute to internal tooling and frameworks to make secure development frictionless and fast
- Participate in an on-call rotation for urgent security issues and incident response
Requirements
- 2 - 4 years of experience in software development or security engineering roles, ideally with a focus on secure application development
- Comfortable writing production-quality code in at least one backend language (e.g. TypeScript, Python, Java)
- Understanding of API security principles and common web application vulnerabilities (e.g. OWASP Top 10)
- Familiarity with CI/CD pipelines and containerized environments such as Kubernetes
- Interest or experience with AI/ML tools for security automation
- A collaborative mindset and willingness to take ownership of problems
- A bias toward action; you're willing to roll up your sleeves and fix issues directly
Benefits
- Excellent medical, dental and vision insurance coverages, with 100% employer-paid premiums for employee medical, dental, vision on select plans
- Flexible time off, paid holidays, and more
- Generous stipends to spend on what matters most to you, whether that's wellness (monthly), commuter transit/parking (monthly), learning and development (quarterly), home office equipment (annual), and much more
- Excellent Parental benefits including: 12-20 weeks of Paid Parental Leave, Carrot Fertility Benefits/Adoption/Surrogacy support, Back-up Child Care support
- Mental health and wellness benefits including no cost employee access to Modern Health coaching & therapy Sessions and high quality physician office experience via One Medical membership (select U.S. locations only)
- Employee Stock Purchase Program (ESPP)