
Principal Security Engineer

SearchStax, El Segundo, California


Job Description

About us

SearchStax is a leading cloud-native search platform enabling web teams to deliver powerful search in an easy, fast, and cost-effective way. We are on a mission to make powerful search easy for enterprises across the globe. We are self-funded and profitable.

Our products are used by 600+ brand-name customers. The search market is growing fast. We feel we are uniquely positioned to continue to lead the search market for many years to come. 

Our team is composed of smart, driven subject matter experts who love to collaborate and solve problems in new / creative ways. We value the importance of bringing diverse backgrounds and interests to the collaboration process. We prioritize work-life balance and strive to promote an energizing and healthy environment. 

Our Values 

  • Ownership

  • Lead humbly

  • Results focused

  • Customer Obsession

  • Embrace and drive change

  • Innovation and continual Improvement

About the Role

We are seeking a Principal Security Engineer to join our Infrastructure team and lead the design, implementation, and oversight of security controls that enable SearchStax to achieve and maintain FedRAMP compliance. This role is critical to our FedRAMP 20X → Moderate progression, ensuring that our infrastructure is secure, resilient, and audit-ready as we scale.

The 20X program is centered on automation. In their latest guidance, auditors have indicated that the difference between 20X Low and 20X Moderate will be automation of the compliance process. Instead of requiring hundreds of manual checkpoints, the program will rely on ~20 automated checkpoints, making automation skills a must-have for success in this role.

As the senior/staff-level Security Engineer, you will serve as both architect and hands-on builder, driving security strategy while rolling up your sleeves to implement the automation, controls, and systems that keep our platform compliant and secure.

If this sounds like you, let’s talk! 

What You Will Do

  • Architect & Implement Security Controls: Design and implement FedRAMP-based security controls, with automation at the core of compliance strategy.

  • Compliance Readiness: Drive audit readiness by building automated evidence collection, control validation, and remediation workflows.

  • Vulnerability Management: Own vulnerability scanning, triage, prioritization, and remediation workflows—ensuring timely closure across infrastructure and product engineering teams.

  • Automation of Compliance: Build and maintain scripts, APIs, and workflows (Python, JSON, databases, system-level coding) to automate compliance reporting, evidence gathering, and monitoring.

  • Deep AWS Security Architecture: Configure AWS for audit success, leveraging services like AWS Config, AWS SSM, IAM, CloudTrail, GuardDuty, and Security Hub.

  • Collaboration with Consultants & Vendors: Partner with external assessors, consultants, and vendors to meet compliance objectives and manage security reviews.

  • Continuous Improvement: Identify gaps, recommend improvements, and proactively evolve our security posture in line with FedRAMP requirements and industry best practices.

  • Documentation & Training: Maintain clear documentation of controls and processes; enable cross-team awareness and training around security practices.

Why Join Us

SearchStax is entering a pivotal stage of growth and compliance maturity. As we progress through FedRAMP 20X → Moderate, security is mission-critical for unlocking new markets and customers. By joining our team, you’ll:

  • Play a foundational role in building the compliant infrastructure that powers mission-critical search experiences for government and enterprise customers.

  • Drive initiatives where success = audit readiness + compliant infrastructure setup.

  • Influence not just controls, but how security becomes part of our engineering DNA as we scale 15x in the coming years.

  • Work directly with leadership, consultants, and auditors—your expertise and decisions will directly impact our ability to grow and win.

What You Must Have 

  • Experience: 8+ years in Security Engineering, Cloud Security, or Infrastructure Security, with proven expertise implementing compliance frameworks (FedRAMP, SOC2, ISO 27001, HIPAA, etc.).

  • FedRAMP Knowledge: Hands-on experience architecting and implementing FedRAMP-based controls, ideally with successful FedRAMP Moderate audit readiness.

  • Automation Expertise: Strong Python programming skills at the system level (databases, APIs, JSON), with proven ability to automate compliance and evidence workflows.

  • Cloud Security (AWS): Deep experience in AWS security and compliance, including AWS Config, AWS SSM, IAM, CloudTrail, GuardDuty, and related services.

  • Vulnerability Management: Track record of leading vulnerability management programs at scale.

  • Infrastructure & Automation: Familiarity with Infrastructure as Code (Terraform, CloudFormation) and CI/CD pipelines with embedded security checks.

  • Leadership & Influence: Ability to drive cross-functional alignment, influence engineering practices, and serve as a trusted security advisor.

  • Mindset: Senior/staff+ level operator—comfortable being both architect and hands-on executor, with urgency and ownership over outcomes.

What's In It For You

  • 🌍 Remote-First: We're a diverse team spanning the United States and India, with a collaborative workspace in Los Angeles, CA.

  • 💰 Competitive Compensation & Stock Options: We want you to share in our success. As a team member, you'll have the chance to become a shareholder.

  • 🌱 401k Match: We offer a 4% match on 401k contributions to help you save for the future.

  • 💉 Healthcare Benefits: Your health matters! We've got you covered with comprehensive medical, dental, and vision plans. Best of all, we foot the bill for 100% of employee-only premiums.

  • 🌴 Paid Time Off: We value work-life balance. We offer flexible vacation time and paid holidays.

  • 🚀 Exciting Growth Opportunities: We are building cutting-edge open source and cloud technology. There is no shortage of opportunities to innovate and grow your career.

Pay Transparency

  • Base Salary: The base salary range for this role is $175,000-$240,000.

  • Salary Structure: Our salary ranges are determined by market analysis and are designed to evolve with job performance over time.

  • Additional Benefits: Beyond base salaries, SearchStax employees enjoy a comprehensive benefits package, with potential for equity and performance-based bonuses.

We work hard to present an equitable and fair offer. We look at the candidate’s knowledge, skills, and experience, along with their compensation expectations and align that with our company equity processes to determine our offer ranges. Each we review company performance and may grant discretionary bonuses to eligible team members.

Additional Information

We believe in supporting people to do their best work and thrive, and building a diverse, equitable, and inclusive company is core to our mission. Our goal is to ensure that SearchStax upholds an inclusive environment where all people feel that they are equally respected and valued, whether they are applying for an open position or working at the company.

SearchStax is an equal opportunity employer. We do not discriminate on the basis of race, color, religion, sex, sexual orientation, gender identity, marital status, age, disability, national or ethnic origin, military service status, citizenship, or other protected characteristic.

E-Verify process is completed in conjunction with the Form I-9 Employment Eligibility Verification on or before the first day of work. E-Verify is not used as a tool to pre-screen candidates. For up-to-date information on E-Verify, go to https://www.e-verify.gov/.
