Lead Security Engineer

As a Lead Security Engineer at Stream, you will play a pivotal role in defining and executing the company’s security strategy. This role blends technical expertise with leadership responsibilities and strategic alignment with business priorities. You will take ownership of improving the security of our AWS infrastructure, supporting secure software development practices, and managing critical compliance and customer-facing activities.

You’ll lead and mentor security engineers, coordinate company-wide security initiatives, and work closely with Infrastructure, Development, and other teams. You will also be directly responsible for monitoring and triaging security events, such as Linux system alerts and AWS GuardDuty findings, ensuring rapid detection and effective response.

In addition, you’ll contribute to customer trust by managing security questionnaires, conducting vendor risk assessments, and supporting ongoing compliance efforts (e.g., ISO 27001:2022 and SOC2 Type II).

This is a full-time job opening based in our Amsterdam office.

Hybrid policy: applicants based in the Netherlands or relocating here, are expected to work in the office in Amsterdam 3 times per week. Exemptions may apply to specific cases.

Relocation and visa sponsorship is possible.

What will you work on

• Design and lead the implementation of security controls for AWS workloads, APIs, and infrastructure.

• Drive improvements in the Secure Software Development Lifecycle (SSDLC).

• Lead threat modeling exercises and perform in-depth manual security assessments.

• Review code (Python, Go) and architecture for vulnerabilities and guide secure design decisions.

• Provide leadership and mentorship across the security and engineering teams.

• Triaging and responding to security alerts across the Linux instances and AWS environments (e.g., GuardDuty, CloudTrail anomalies).

• Lead efforts to investigate and remediate security incidents, collaborating with internal stakeholders as needed.

• Respond to customer security questionnaires, support audits, and lead vendor security evaluations.

• Maintain and enhance Stream’s technical posture related to ISO 27001, SOC2 Type II, HIPAA, GDPR

• Promote security awareness through phishing simulations and internal training.

About You

• You bring deep, hands-on experience across multiple security domains, including cloud, application, and infrastructure security.

• You are highly skilled with AWS security tools and concepts (IAM, GuardDuty, CloudTrail, etc.).

• You are familiar with Linux internals and capable of investigating alerts and system anomalies.

• You are comfortable leading projects, mentoring team members, and engaging with non-technical stakeholders.

• You balance risk and business context when recommending or implementing security improvements.

• You’re curious, analytical, and up-to-date on modern security practices and threats.

Bonus points

• Startup experience

• Background in developer-focused or API companies.

Our tech stack

At Stream, we use a wide collection of technologies to offer highly optimized and available features to our customers. Here is a shortlist of the technology that we currently use:

• Go, gRPC, RocksDB, Python

• Postgresql, RabbitMQ

• AWS, Puppet, CloudFormation

• Grafana, Graphite, ELK, Jaeger

• Redis, Memcached

What makes this role exciting?

• You'll guard the data of 1.5 billion users.

Why join Stream?

• History of success. From Amsterdam to Boulder and Techstars in-between, Stream has raised over $58.25M to build the best Chat Messaging & Activity Feed infrastructure available, with best-in-class support.

• Freedom and endless growth opportunities. As a rapidly growing startup (since 2020 we have gone from 30 to 150 employees), Stream gives you unique personal and professional growth opportunities. The opportunity of true ownership and accountability has a massive impact on your career. These are the things you can rarely experience in huge corporations.

• Be on the front line of progress and innovation. While working with cutting-edge technology, we are passionate about tackling difficult tech problems at scale and creating reusable components for them, empowering engineering teams to ship apps faster, more securely, and with a better user experience.

• They believe in us: Stream is backed by leading VC companies (Felicis Ventures, GGV Capital, 01.Advisors, Techstars, Arthur Ventures), including backers like Dick Costolo (01 Advisors, ex-CEO of Twitter), Olivier Pomel (CEO of Datadog), Tom Preston-Werner (Co-Founder of GitHub), Nicolas Dessaigne (Co-Founder of Algolia), Johnny Boufarhat (Founder and CEO of Hopin).

What we have to offer you

Stream employees enjoy some of the best job benefits in the industry:

• A team of exceptional engineers

• The chance to work on OSS projects

• 28 days paid time off plus paid Dutch holidays

• Company equity

• A pension scheme

• Hybrid work flexibility (3 days in-office)

• A Learning and Development budget

• Commute coverage: NS business card or a company bike

• Fitness stipend

• Bi-weekly in-office chair massages by a professional

• MacBook Pro and peripherals provided

• Healthy catered team lunches and plenty of snacks

• A generous relocation package, visa sponsorship and 30% ruling support

• An office in the heart of Amsterdam

• The opportunity to attend or present at global conferences and meetups

• The possibility to visit our office in Boulder, CO

Note: this list of job benefits applies to Netherlands-based employees and is adjusted per your location of residence.

Our culture

Stream has a casual social culture, our team is diverse and we all have different backgrounds. Now, Stream is a team of over 145+ peers from over 35 countries across the globe.

We value transparency, aim for excellence, and support each other on our way to new victories.

Our team consists of the strongest talents worldwide, making Stream a great place to learn and improve your skills.

When it comes to software engineering jobs, our culture is oriented towards ownership and quality: our goal is to deliver stable software.

If you are interested in becoming a part of what we do, apply for this vacancy now!

Hybrid office policy: applicants based (or relocating to) one of our office locations are expected to work according to the applicable local office attendance policy.

Equal opportunity employer statement: Stream provides equal employment opportunities to all employees and applicants for employment and prohibits discrimination and harassment of any type without regard to race, color, religion, age, sex, national origin, disability status, genetics, protected veteran status, sexual orientation, gender identity or expression, or any other characteristic protected by federal, state or local laws.

This policy applies to all terms and conditions of employment, including recruiting, hiring, placement, promotion, termination, layoff, recall, transfer, leaves of absence, compensation and training.

Note for external recruiters: We currently have this role covered and do not accept unsolicited agency resumes. We are not responsible for any fees related to unsolicited resumes.