Lead Software Engineer, Security

SeatGeek believes live events are powerful experiences that unite humans. With our technological savvy and fan-first attitude we’re simplifying and modernizing the ticketing industry.

SeatGeek is looking for a security engineering professional for our Security team. As a Lead Software Engineer, Security, you’ll be involved in a mix of incident response, threat hunting, security engineering, and a trace of red teaming.

You’ll be leading critical security initiatives that strengthen our secure-by-default posture across our platform, products, and company. You’ll pair architectural guidance with hands-on engineering — building paved roads, tooling, and automated detection/response that scale. You’ll operate in a fast-paced, collaborative environment, partnering with both engineering and non-engineering teams to reduce risk without slowing builders down. As a lead engineer, you’ll own high-impact work end-to-end, mentor teammates, and help shape the roadmap and culture that make the secure path the easy path — from cloud and code to laptops, identity, email, and awareness.

What you'll do

• Deliver proactive, secure-by-default protections across the stack (cloud, CI/CD, applications, and endpoints) by creating paved roads and guardrails that reduce risk at scale and become the default way to build
• Provide practical security guidance on new products and technologies, emphasizing secure-by-default patterns that fit seamlessly into existing workflows
• Lead design reviews and threat modeling for high-impact features and services; identify risks early and ensure mitigations are designed in
• Build and scale security tooling that prevents issues at build/deploy time and automates detection and response in production
• Evolve our detection and incident response capabilities — improve signal quality, tune detections, and implement automated responders to reduce manual toil and time to contain
• Partner across business functions to strengthen company-wide security: endpoint and device trust, identity and email protections, security awareness and training, vendor reviews and risk assessments, and support for compliance (e.g., PCI/SOX)
• Protect SeatGeek from abuse and bots at the edge and app layers through layered defenses and tuning
• Lead and participate in notable security incidents and tabletops; improve runbooks, processes, and stakeholder communications after each event
• Mentor engineers, uplevel secure coding practices, and contribute to a positive, pragmatic security culture across the company

What you have

• 5+ years of broad, hands-on experience across multiple security domains, with strong software engineering fundamentals; track record of leading cross-domain security projects end-to-end (from design through rollout and adoption)
• Proficiency in one or more programming languages (we use Python, Go, and C#); you write production-quality code and perform rigorous reviews for correctness and security
• Track record of partnering across product, platform, and business functions to drive company-wide security outcomes
• Proven ability to deliver holistic, scalable prevention across security domains (platform/cloud, applications, CI/CD, identity and endpoints), favoring paved roads and default guardrails over one-off fixes
• Ability to think like both an attacker and a defender — leveraging each perspective to strengthen the other and drive meaningful improvements in prevention, detection, and response
• Community contributions (research, talks/blogging/OSS) and hands-on bot/abuse mitigation experience are a plus