Skip to content
NooksNooksSan Francisco, CA

Security Engineer

Second Security Engineer at Nooks.ai, securing an AI-native sales platform and its AI agents. Own threat modeling, secure SDLC, cloud hardening, compliance (SOC 2), and novel AI security challenges (guardrails, prompt injection). Requires 4-5+ years in infosec with strong app/cloud security fundamentals; startup experience preferred.

200k – 315k
Hybrid5+ YOESecurity Engineering

About the role

Responsibilities

  • Own security reviews and threat modeling for new and existing product surfaces.
  • Build and improve core security processes (secure SDLC, detection & response).
  • Harden cloud and application infrastructure and drive remediation of high-priority risks.
  • Help define how we secure AI agents and govern their use — guardrails, data exposure, prompt-injection and abuse risks.
  • Support enterprise customer trust: security questionnaires, compliance (SOC 2), and customer-facing security needs.
  • Partner closely with product and infra engineering to embed security into how we ship.

Requirements

  • 4-5+ years of hands-on information security experience.
  • Experience at a startup or early-stage company; comfort with ambiguity, autonomy, and high ownership.
  • Strong fundamentals in application and/or cloud security (AWS/GCP).
  • Pragmatic judgment — able to prioritize risk and do more with less.
  • Clear communication and a collaborative, low-ego style.

Nice-to-Haves

  • Experience securing AI agents / LLM systems or governing AI agent use within an organization.
  • Enterprise compliance experience (SOC 2, ISO 27001).

Skills

Application SecurityCloud SecurityAWSGCPThreat ModelingSecure SdlcDetection And ResponseSOC 2Ai SecurityLlm SecurityPrompt Injection
Decagon

Platform Engineer, Security

DecagonSan Francisco, CA

Lead application security strategy and implementation for Decagon's conversational AI platform. Partner with engineering teams to build security into AI-powered applications and establish testing programs.

200k – 330k
On-site3+ YOESecurity Engineering
Writer

Security engineer, detection and response (US)

WriterSan Francisco, CA

Builds and implements detection systems and automated responses for AI-specific threats like prompt injection and model extraction on distributed GPU infrastructure. Leads incident response, proactive threat hunting, and cross-team security coordination with 3-5+ years in security operations.

200k – 240k
Hybrid3+ YOESecurity Engineering
Notion

Software Engineer, Trust

NotionSan Francisco, CA +1

Builds authentication, security features, and AI-powered risk detection systems to ensure user trust and safety at scale. Requires 5-8 years experience in trust/safety/security with cross-functional collaboration.

200k – 280k
Hybrid5+ YOESecurity Engineering
Thinking Machines Lab

Infrastructure Engineer, Security

Thinking Machines LabSan Francisco, CA

Owns and evolves security infrastructure across compute, storage, networking, and data platforms for foundation models. Architects secure patterns, manages identities/secrets, builds threat models, and automates security checks in Kubernetes/cloud environments. Requires strong systems programming and infra experience.

200k – 475k
On-siteSecurity Engineering
Decagon

Security Engineer

DecagonSan Francisco, CA

Build and scale security foundations for Decagon's AI customer experience platform, implementing controls, tooling, detection pipelines, and partnering with engineering teams. Requires 3+ years security engineering with strong coding skills and cloud experience, ideally Google Cloud; onsite in San Francisco.

200k – 330k
On-site3+ YOESecurity Engineering