As a Lead Security Engineer at Stream, you will play a pivotal role in defining and executing the company’s security strategy. This role blends technical expertise with leadership responsibilities and strategic alignment with business priorities. You will take ownership of improving the security of our AWS infrastructure, supporting secure software development practices, and managing critical compliance and customer-facing activities.
You’ll lead and mentor security engineers, coordinate company-wide security initiatives, and work closely with Infrastructure, Development, and other teams. You will also be directly responsible for monitoring and triaging security events, such as Linux system alerts and AWS GuardDuty findings, ensuring rapid detection and effective response.
In addition, you’ll contribute to customer trust by managing security questionnaires, conducting vendor risk assessments, and supporting ongoing compliance efforts (e.g., ISO 27001:2022 and SOC2 Type II).
This is a full-time job opening based in our Amsterdam office.
Hybrid policy: applicants based in the Netherlands or relocating here, are expected to work in the office in Amsterdam 3 times per week. Exemptions may apply to specific cases.
Relocation and visa sponsorship is possible.
Design and lead the implementation of security controls for AWS workloads, APIs, and infrastructure.
Drive improvements in the Secure Software Development Lifecycle (SSDLC).
Lead threat modeling exercises and perform in-depth manual security assessments.
Review code (Python, Go) and architecture for vulnerabilities and guide secure design decisions.
Provide leadership and mentorship across the security and engineering teams.
Triaging and responding to security alerts across the Linux instances and AWS environments (e.g., GuardDuty, CloudTrail anomalies).
Lead efforts to investigate and remediate security incidents, collaborating with internal stakeholders as needed.
Respond to customer security questionnaires, support audits, and lead vendor security evaluations.
Maintain and enhance Stream’s technical posture related to ISO 27001, SOC2 Type II, HIPAA, GDPR
Promote security awareness through phishing simulations and internal training.
About You
You bring deep, hands-on experience across multiple security domains, including cloud, application, and infrastructure security.
You are highly skilled with AWS security tools and concepts (IAM, GuardDuty, CloudTrail, etc.).
You are familiar with Linux internals and capable of investigating alerts and system anomalies.
You are comfortable leading projects, mentoring team members, and engaging with non-technical stakeholders.
You balance risk and business context when recommending or implementing security improvements.
You’re curious, analytical, and up-to-date on modern security practices and threats.
Bonus points
Startup experience
Background in developer-focused or API companies.
At Stream, we use a wide collection of technologies to offer highly optimized and available features to our customers. Here is a shortlist of the technology that we currently use:
Go, gRPC, RocksDB, Python
Postgresql, RabbitMQ
AWS, Puppet, CloudFormation
Grafana, Graphite, ELK, Jaeger
Redis, Memcached
You'll guard the data of 1.5 billion users.
History of success. From Amsterdam to Boulder and Techstars in-between, Stream has raised over $58.25M to build the best Chat Messaging & Activity Feed infrastructure available, with best-in-class support.
Freedom and endless growth opportunities. As a rapidly growing startup (since 2020 we have gone from 30 to 150 employees), Stream gives you unique personal and professional growth opportunities. The opportunity of true ownership and accountability has a massive impact on your career. These are the things you can rarely experience in huge corporations.
Be on the front line of progress and innovation. While working with cutting-edge technology, we are passionate about tackling difficult tech problems at scale and creating reusable components for them, empowering engineering teams to ship apps faster, more securely, and with a better user experience.
They believe in us: Stream is backed by leading VC companies (Felicis Ventures, GGV Capital, 01.Advisors, Techstars, Arthur Ventures), including backers like Dick Costolo (01 Advisors, ex-CEO of Twitter), Olivier Pomel (CEO of Datadog), Tom Preston-Werner (Co-Founder of GitHub), Nicolas Dessaigne (Co-Founder of Algolia), Johnny Boufarhat (Founder and CEO of Hopin).
Stream employees enjoy some of the best job benefits in the industry:
A team of exceptional engineers
The chance to work on OSS projects
28 days paid time off plus paid Dutch holidays
Company equity
A pension scheme
Hybrid work flexibility (3 days in-office)
A Learning and Development budget
Commute coverage: NS business card or a company bike
Fitness stipend
Bi-weekly in-office chair massages by a professional
MacBook Pro and peripherals provided
Healthy catered team lunches and plenty of snacks
A generous relocation package, visa sponsorship and 30% ruling support
An office in the heart of Amsterdam
The opportunity to attend or present at global conferences and meetups
The possibility to visit our office in Boulder, CO
Note: this list of job benefits applies to Netherlands-based employees and is adjusted per your location of residence.
Stream has a casual social culture, our team is diverse and we all have different backgrounds. Now, Stream is a team of over 145+ peers from over 35 countries across the globe.
We value transparency, aim for excellence, and support each other on our way to new victories.
Our team consists of the strongest talents worldwide, making Stream a great place to learn and improve your skills.
When it comes to software engineering jobs, our culture is oriented towards ownership and quality: our goal is to deliver stable software.
If you are interested in becoming a part of what we do, apply for this vacancy now!
Hybrid office policy: applicants based (or relocating to) one of our office locations are expected to work according to the applicable local office attendance policy.
Equal opportunity employer statement: Stream provides equal employment opportunities to all employees and applicants for employment and prohibits discrimination and harassment of any type without regard to race, color, religion, age, sex, national origin, disability status, genetics, protected veteran status, sexual orientation, gender identity or expression, or any other characteristic protected by federal, state or local laws.
This policy applies to all terms and conditions of employment, including recruiting, hiring, placement, promotion, termination, layoff, recall, transfer, leaves of absence, compensation and training.
Note for external recruiters: We currently have this role covered and do not accept unsolicited agency resumes. We are not responsible for any fees related to unsolicited resumes.
Laminar Projects
Improvado
Improvado
Insider.
Wincent