Senior Security Engineer

We're looking for a Senior Security Engineer to own and elevate the security posture of our
cloud-native, AI-driven SaaS platform. Reporting to the Director of DevOps, you'll be the technical
anchor for security across our product, infrastructure, and organization - combining hands-on
engineering with the strategic judgment to translate risk into clear, actionable priorities.
This is a high-ownership role for someone who can operate end to end: threat modeling a new feature
in the morning, hardening cloud infrastructure in the afternoon, and briefing leadership on risk posture
by the end of the week. As we scale our platform and deepen our use of AI/ML, you'll define how we
build, ship, and operate securely - often standing up programs and controls that don't yet exist.
You'll work cross-functionally well beyond engineering, partnering with Customer Success, Marketing,
Finance, and Legal to make security a shared, business-aware practice rather than a gate at the end of
the line.

What You'll Do
• Own the day-to-day security engineering function across cloud infrastructure, application, and data
layers.
• Lead threat modeling, penetration testing, and vulnerability management across the product and
platform lifecycle.
• Design, implement, and continuously improve cloud security controls across AWS, GCP, and/or
Azure environments.
• Assess and secure our AI/ML systems, addressing the unique risks they introduce — from data
pipelines to model and LLM behavior.
• Drive compliance readiness and audit support for frameworks such as SOC 2, ISO 27001, and
GDPR.
• Embed security into the SDLC and CI/CD pipelines, partnering closely with DevOps and engineering
teams.
• Translate technical risk into clear business and board-level language, and advise leadership on
prioritization and trade-offs.
• Partner cross-functionally with non-engineering teams (Customer Success, Marketing, Finance,
Legal) to build security awareness and practical, low-friction controls.
• Lead or support incident response, including detection, containment, remediation, and post-incident
review.

Requirements:

Must Have
• 8+ years in security engineering, security architecture, or a CISO/Security Officer role.
• Deep cloud security experience (AWS / GCP / Azure).
• Hands-on with threat modeling, penetration testing, and vulnerability management.
• Working knowledge of AI/ML systems and their unique security challenges.
• Experience with compliance frameworks: SOC 2, ISO 27001, GDPR (or equivalent).
• Strong communication — translates technical risk into business and board language.
• Comfortable operating cross-functionally with non-engineering teams (CS, Marketing, Finance).

Nice to Have
• Prior experience in a fast-scaling SaaS or AI-driven product company.
• Hands-on red-teaming of LLM-based systems.
• Familiarity with the OWASP LLM Top 10 and NIST AI RMF.
• Certifications: CISSP, CISM, CCSP, or equivalent.
• Experience standing up a security program from scratch (rather than scaling an existing one).

What We Offer
• A pivotal, high-visibility role with the autonomy to shape security from the ground up.
• Direct collaboration with engineering leadership and a clear path to broader security ownership.
• The chance to secure a modern, AI-driven product at a meaningful inflection point of growth.