Security & DevOps Engineer

Rive is a new way to build production-ready UI and graphics — with rich interactivity and state-driven animation. We're on a mission to make hard-coded graphics a thing of the past with a new general-purpose graphics format for all types of software and Ul. Rive empowers teams to iterate faster and build better products.

We’ve seen tremendous organic growth over the last few years. Our innovative customers include tech giants, game studios, consumer apps with millions of users… there are even Rive pixels in space! 

As our enterprise customer adoption increases so does our need for trust, security, SOC 2 and ISO 27001 certification. We're looking for a Security & DevOps Engineer who can help us continuously improve our infrastructure, implement best-in-class security practices, and lead our certification efforts. Help shape the security function as Rive grows - with the opportunity to grow into a security leadership role.

Some of what you’ll do

• Security & Compliance
• Lead Rive’s SOC 2, ISO 27001, and other security certification processes, partnering with external vendors and auditors.
• Maintain and document security policies, controls, and procedures across infrastructure and engineering.
• Monitor and maintain security posture (e.g. IAM, encryption, vulnerability scans, audit logs).
• Work with teams across the company to implement security-by-design practices.
• Be the point of contact for all presales customer security reviews.
  
• DevOps & Infrastructure
• Own and improve our CI/CD pipelines, observability, and cloud infrastructure on AWS.
• Automate compliance requirements using tools like Vanta, Drata, or similar.
• Implement infrastructure-as-code practices and support secure deployment pipelines.
• Collaborate with engineering teams to ensure systems are secure, scalable, and maintainable.

• Security Culture & Enablement
• Conduct periodic risk assessments, access reviews, and incident response drills.
• Educate and empower the team to follow secure development and data handling practices.

• 4+ years in DevOps, Infrastructure, or Security Engineering roles (ideally with a SaaS startup).
• Experience working with cloud platforms (AWS in particular), containerization, and modern CI/CD.
• Familiarity with security frameworks like SOC 2, ISO 27001, or NIST.
• Hands-on experience with compliance tooling (Vanta, Drata, Secureframe) and writing policies.
• Strong scripting/automation skills (Python, Bash, Terraform, etc.).
• Proactive communicator who can work autonomously, cross-functionally and translate security needs into practical solutions.

Location: San Francisco, CA (hybrid) or US and Canada (remote)

Compensation and benefits: We offer a remote centric work environment, comprehensive health, dental, and vision coverage as well as stock options. Rive is committed to fair and equitable compensation practices. Compensation may depend on various factors including, but not limited to relevant work experience, skills, and geographic location. The salary range for this role is $135,000 to $170,000. 

At Rive we are a global group of passionate designers and developers who believe in transparency, failing fast, quick iteration, and experimentation. We aim to build a diverse and inclusive culture where everyone feels supported.

Backed by prominent VCs like a16z and Two Sigma Ventures, we have an incredible opportunity to be game changers in the world of creating interactive content. Help us accelerate the design industry's transition to Rive!