Skip to content
Hightouch

Application Security Lead

United StatesSecurity EngineeringRemote
Summary

Hands-on Application Security Lead owning security posture for a scaling SaaS platform. Focuses on multi-tenant isolation, threat modeling, API security, and multi-cloud architecture in distributed systems. Requires early security hire experience at SaaS/data infra companies with deep systems expertise.

About the role

Responsibilities

  • Own Hightouch's application security posture end-to-end.
  • Solve security problems in distributed systems: multi-tenant isolation (~1M data syncs/day, 100K+ events/sec), sub-tenant access control, security architecture (compute isolation, threat modeling, hardening new products).
  • Improve internet-facing APIs: rate limiting, abuse detection, granular access control.
  • Support multi-region/multi-cloud backend, extend to new regions for data residency.
  • Own roadmap: identify highest-leverage problems and fix them (hands-on in codebase).

Requirements

  • Early security hire (first 1-3) at SaaS/data infrastructure company.
  • Securing multi-tenant platforms: tenant isolation, authorization models.
  • Cloud security across multiple clouds, customer-owned accounts.
  • Designed/built data infrastructure as early engineer, securing from design/redesigns.
  • Privacy-adjacent security: PII handling, data residency, GDPR/CCPA controls.
  • Read application code, threat model distributed systems, ship production fixes.
  • Significant distributed systems expertise.
Skills
Multi-Tenant IsolationAuthorizationThreat ModelingRate LimitingAbuse DetectionAccess ControlCloud SecurityMulti-CloudMulti-RegionDistributed SystemsData ResidencyPII HandlingGDPRCCPAKubernetes
Apply