Tech Lead (DevSecOps)

Blinq (Melbourne VIC, Australia) Follow 1 hour ago

Premium Full-time Vulnerability AI API Firebase TypeScript

About Blinq

Blinq is the AI contacts app for people who meet people.

We're on a mission to unlock the world's relationship potential. So much of what's possible in the world is locked inside relationships that never quite happen. A missed conversation, a forgotten follow-up, the right person at the wrong time. We're building so those chances aren't left to chance.

What started as the world's #1 digital business card is now used by 4 million professionals and at 93% of the Fortune 500. We've raised $45m+ from Blackbird, Square Peg, HubSpot Ventures, and Touring Capital.

Learn more: https://blinq.me/

Why join Blinq

You want to be part of an AI-native company at an inflection point. Big enough to have real momentum, customers, and resources. Small enough that the work you do shapes where it goes from here.
You want to do the best work of your life alongside people doing the same. We hold an unusually high bar for talent and we hire people who treat that as a feature, not a threat.
You want to build something globally ambitious from a part of the world that doesn't always think this big. Our team is in Sydney, Melbourne, San Francisco, and New York, and we're betting that the next category-defining company in our space comes from Australia.
You want to work in person, on purpose. Three days a week in the office, two wherever works for you. Creative energy and momentum compound face to face.

How we work

We've all joined Blinq to find out how good we really are. That shows up in how we work:

We are professional optimists. We think what's possible first and let constraints come second.
We hold an insanely high talent bar. A players only.
We are obsessed with craft. The details are the thing, not the polish on top of it.
We are truth obsessed. We say what's true even when it's uncomfortable, and we have the courage to pursue contrarian but correct bets.
We do more with less. Calculated frugality and beautiful simplicity guide how we build.
We are all here to genuinely do our life's best work.

Engineering at Blinq

Our engineering team is the engine behind Blinq’s success. We’re building tools that make sharing who you are instant and human. Every line of code, every release, and every experiment is focused on driving meaningful impact. If you thrive on solving complex, high-impact problems with a tight-knit team, you’ll feel right at home here.

The role

We’re hiring a Tech Lead / DevSecOps Engineer, a security-first engineer who is also a strong backend engineer in our Node.js / TypeScript stack.

You'll set the technical direction for how we build securely, harden our cloud environment, own our security incident detection and response, and lead the work that takes our security posture (and compliance) to the next level. This is a high-trust, high-autonomy role with room to shape how security and infrastructure work as we scale.

What you'll do

Lead design and delivery across our Node.js / TypeScript backend and platform, balancing security and platform work with the product-adjacent building that keeps us shipping

Own and harden our GCP, Cloudflare, and Firebase infrastructure - IAM, networking, secrets management, and infrastructure-as-code (Pulumi TypeScript & Terraform)

Embed security into the SDLC: threat modeling, secure code review, and CI/CD security guardrails (SAST/DAST, dependency scanning)

Run vulnerability management end to end - triage, remediation, coordinating external penetration tests, and enhance our vulnerability disclosure programme

Own detection, logging, and incident response, including endpoint detection & response (EDR) and security monitoring in Datadog

Lead anti-phishing, spam, and platform-abuse detection and prevention

Drive identity and access governance - SSO, OAuth, and IAM audits and improvements

Drive our SOC 2 / ISO 27001 and privacy (GDPR) efforts, turning compliance requirements into pragmatic engineering controls

Set technical standards and mentor engineers, raising the bar for how the whole team builds and ships securely

What you'll bring

Tech Lead–level experience as a strong backend engineer with a security focus, ideally in Node.js / TypeScript

Solid application/product security fundamentals - OWASP, secure design, code review, API security

Hands-on cloud experience (GCP ideal; Cloudflare/Firebase a plus) and infrastructure-as-code (Pulumi in TypeScript; Terraform or similar experience translates well)

Detection & response depth - EDR, security monitoring / SIEM, and incident response. Hands-on experience with Datadog is highly desirable.

Familiarity with security tooling (SAST/DAST, Snyk/Dependabot/Renovate, secrets scanning, secrets management) and vulnerability management

Identity / auth depth - OAuth, SSO, and end-user authentication

Exposure to SOC 2, ISO 27001, or GDPR/privacy in a SaaS environment. Compliance automation (e.g. Vanta) a plus

A pragmatic, build-first mindset - comfortable owning ambiguity and setting direction in a scaling startup

Strong communication and the ability to lead and mentor without heavy process

Nice to have

Prior experience as an early or first security hire at a startup

DevSecOps / CI-CD security tooling and automation

Detection & incident response experience

Identity/auth depth (OAuth, SSO)

Endpoint security / MDM exposure (e.g. Iru)

What you get

Equity and ownership. We're building something massive and we want you to share in the upside. Genuinely.
Competitive salary and a real growth path. As Blinq grows, your role and compensation grow with it.
Time to switch off. 20 days of annual leave plus a flexible policy for everything life throws at you beyond that.
Good times, often. Team lunches, padel, games nights, Barry's sessions. We like hanging out and it shows.
Regular catered lunch at some of our offices, plus an always-stocked snack bar.

Apply Now

Save Job