Senior Security Engineer

<p>We're looking for a Senior Security Engineer to own and elevate the security posture of our<br>cloud-native, AI-driven SaaS platform. Reporting to the Director of DevOps, you'll be the technical<br>anchor for security across our product, infrastructure, and organization - combining hands-on<br>engineering with the strategic judgment to translate risk into clear, actionable priorities.<br>This is a high-ownership role for someone who can operate end to end: threat modeling a new feature<br>in the morning, hardening cloud infrastructure in the afternoon, and briefing leadership on risk posture<br>by the end of the week. As we scale our platform and deepen our use of AI/ML, you'll define how we<br>build, ship, and operate securely - often standing up programs and controls that don't yet exist.<br>You'll work cross-functionally well beyond engineering, partnering with Customer Success, Marketing,<br>Finance, and Legal to make security a shared, business-aware practice rather than a gate at the end of<br>the line.</p> <p><strong>What You'll Do<br></strong>• Own the day-to-day security engineering function across cloud infrastructure, application, and data<br>layers.<br>• Lead threat modeling, penetration testing, and vulnerability management across the product and<br>platform lifecycle.<br>• Design, implement, and continuously improve cloud security controls across AWS, GCP, and/or<br>Azure environments.<br>• Assess and secure our AI/ML systems, addressing the unique risks they introduce — from data<br>pipelines to model and LLM behavior.<br>• Drive compliance readiness and audit support for frameworks such as SOC 2, ISO 27001, and<br>GDPR.<br>• Embed security into the SDLC and CI/CD pipelines, partnering closely with DevOps and engineering<br>teams.<br>• Translate technical risk into clear business and board-level language, and advise leadership on<br>prioritization and trade-offs.<br>• Partner cross-functionally with non-engineering teams (Customer Success, Marketing, Finance,<br>Legal) to build security awareness and practical, low-friction controls.<br>• Lead or support incident response, including detection, containment, remediation, and post-incident<br>review.</p> <p><strong>Requirements:</strong></p> <p><strong>Must Have<br></strong>• 8+ years in security engineering, security architecture, or a CISO/Security Officer role.<br>• Deep cloud security experience (AWS / GCP / Azure).<br>• Hands-on with threat modeling, penetration testing, and vulnerability management.<br>• Working knowledge of AI/ML systems and their unique security challenges.<br>• Experience with compliance frameworks: SOC 2, ISO 27001, GDPR (or equivalent).<br>• Strong communication — translates technical risk into business and board language.<br>• Comfortable operating cross-functionally with non-engineering teams (CS, Marketing, Finance).<strong><br></strong></p> <p><strong>Nice to Have<br></strong>• Prior experience in a fast-scaling SaaS or AI-driven product company.<br>• Hands-on red-teaming of LLM-based systems.<br>• Familiarity with the OWASP LLM Top 10 and NIST AI RMF.<br>• Certifications: CISSP, CISM, CCSP, or equivalent.<br>• Experience standing up a security program from scratch (rather than scaling an existing one).<strong><br></strong></p> <p><strong>What We Offer<br></strong>• A pivotal, high-visibility role with the autonomy to shape security from the ground up.<br>• Direct collaboration with engineering leadership and a clear path to broader security ownership.<br>• The chance to secure a modern, AI-driven product at a meaningful inflection point of growth.</p>