Security Operations Engineer

About Supabase

Supabase is the Postgres development platform, built by developers for developers. We provide a complete backend solution including Database, Auth, Storage, Edge Functions, Realtime, and Vector Search. All services are deeply integrated and designed for growth.

About the Role

We’re looking for a Security Operations Engineer to join our Product Security team and help provide front-line coverage for security alerts, customer security tickets, and internal IT requests as Supabase continues to scale.

This is an entry-level role designed for someone with strong judgment, curiosity, and clear communication. You’ll be one of three Security Operations Engineers working in a follow-the-sun rotation across New Zealand/Australia, Sri Lanka, and US Eastern, helping Supabase maintain effective 24-hour coverage for security-relevant work. You’ll triage alerts, handle customer security requests, support internal IT operations, improve runbooks, and escalate clearly to the right teams when issues need deeper investigation.

What You’ll Be Responsible for

In this role, you’ll:

• First Response & Triage: Act as the first responder for security alerts from GuardDuty, dependency advisories, and other detection sources. Assess severity and escalate to the right lead across Platform, Product, Anti-Abuse, or Security.

• Customer Security Operations: Own customer security tickets in Front, including account recovery, MFA reset, GitHub-linked account loss, billing-based ownership verification, and org ownership disputes.

• Incident Response Support: Participate in the on-call pager rotation alongside other Security Operations Engineers and use documented playbooks to make consistent decisions.

• Process Improvement: Maintain and improve runbooks, decision trees, Front macros, and escalation paths. Identify patterns in tickets and alerts to flag opportunities for automation or workflow improvements.

• Internal IT Support & Compliance: Triage internal IT requests (access provisioning, SSO/Okta issues, device questions, MDM enrollment) and help maintain access records, joiner-mover-leaver hygiene, and compliance audit trails.

• Communication: Communicate clearly with customers, engineers, and internal stakeholders during sensitive or time-critical issues.

You Might Be a Good Fit If You

• Have prior experience in technical support, IT helpdesk, junior SOC analysis, trust and safety, fraud operations, or a similar triage-heavy environment.

• Have a foundational understanding of security concepts like MFA, JWTs, identity verification, account recovery, and access control.

• Have a foundational understanding of IT systems like SSO, identity providers, Google Workspace, Okta, and MDM tools like Kandji, Jamf, or similar.

• Are comfortable with a terminal, basic SQL, and reading simple scripts or macros (you do not need to be a developer).

• Can summarize a messy ticket or noisy alert in two sentences that explain what matters and what should happen next.

• Have strong customer-facing judgment and can stay calm, precise, and firm when handling sensitive access or account issues.

• Enjoy turning ambiguous workflows into clear checklists, runbooks, macros, and repeatable systems.

• Are comfortable working async across time zones and writing things down by default.

Nice to Have

• Familiarity with Postgres, AWS, or developer tools ecosystems.

• Experience with Front, Linear, Notion, Okta, Google Workspace, Kandji, Jamf, Vanta, or similar tools.

• Open-source contributions, CTF participation, bug bounty experience, or a personal project that shows security curiosity.

• Experience improving support, SOC, trust and safety, fraud, or IT workflows, or basic scripting and automation experience.

What We Offer

• Fully Remote

  We hire globally. We believe you can do your best work from anywhere. There are no Supabase offices, but we provide a WeWork membership or co-working allowance you can use anywhere in the world.

• ESOP

  Every team member receives ESOP (equity ownership) in the company. We want everyone to share in the upside of what we’re building together.

• Tech Allowance

  Use this budget to set up your ideal work environment—laptop, monitor, headphones, or whatever helps you do your best work.

• Health Benefits

  Supabase covers 100% of health insurance for employees and 80% for dependents, wherever you are. Your wellbeing and your family’s health are important to us.

• Annual Off-Sites

  Once a year, the entire company gathers in a new city for a week of connection, collaboration, and fun. It’s a highlight of our year.

• Flexible Work

  We operate asynchronously and trust you to manage your own time. You know what needs to be done and when.

• Professional Development

  Every team member receives an annual education allowance to spend on learning—courses, books, conferences, or anything that supports your growth.

About the Team

Supabase was born-remote and open-source-first. We believe our globally distributed team is our secret weapon in building tools developers love.

• 280+ team members

• 55+ countries

• 20+ languages spoken

• $500M raised

• 500,000+ community members

We move fast, build in public, and use what we ship. If it’s in your project, we probably use it in ours too. We believe deeply in the open-source ecosystem and strive to support—not replace—existing tools and communities.

Hiring Process

We keep things simple, async-friendly, and respectful of your time:

1. Apply – Our team will review your application.

2. Intro Call – A short video chat to get to know each other.

3. Interviews – Up to four calls with:

   • Team Leads

   • Future teammates

   • Someone cross-functional from product, growth, or engineering (depending on the role)

   • Someone from our leadership/founding team

4. Decision – We may follow up with a final question or go straight to offer.

All communication is remote and we aim to move fast.