Security Engineer builds and maintains security for ML infrastructure platform, designing secure cloud/container systems, managing vulnerabilities/incidents, IAM, compliance, and integrating DevSecOps. Requires 3+ years experience in cloud security and security tools.
150k – 250k/yr
Hybrid3+ YOESecurity Engineering
About the role
Responsibilities
Security architecture and design: Collaborate with engineering teams to design and implement secure systems and infrastructure, including cloud (AWS/GCP) environments and container orchestration platforms.
Vulnerability management: Lead proactive vulnerability assessments, pen tests, and remediation efforts to ensure our products and infrastructure remain secure.
Incident response: Develop and maintain incident response processes, including detection, analysis, containment, eradication, and post-incident reviews.
Identity and access management (IAM): Oversee IAM strategies and tools to ensure the right people have the right level of access to our systems and data.
Security compliance and audits: Work closely with operations to ensure compliance with relevant standards (e.g., SOC 2, ISO 27001) and assist with audits, policy creation, and risk assessments.
Employee security training: Develop and deliver security training programs and documentation to keep our team informed about best practices, social engineering threats, and secure coding standards.
DevSecOps integration: Partner with DevOps teams to embed security into the CI/CD pipeline, automating security checks and fostering a culture of “security as code.”
Requirements
3+ years of experience in a Security Engineer or similar security-focused role, preferably in a fast-paced startup environment.
Strong knowledge of cloud security (AWS/GCP), container security, and infrastructure-as-code best practices.
Hands-on experience with security tooling (SIEM, IDS/IPS, vulnerability scanners) and scripting languages to automate security tasks.
Familiarity with compliance frameworks such as SOC 2, ISO 27001, and GDPR, and the ability to translate requirements into actionable security controls.
Incident response expertise, including forensic analysis and root cause investigation.
Excellent communication skills and the ability to collaborate with cross-functional teams to promote a security-first culture.
Benefits
Competitive compensation, including meaningful equity.
100% coverage of medical, dental, and vision insurance for employee and dependents.
Generous PTO policy including company wide Winter Break (our offices are closed from Christmas Eve to New Year's Day!).
Paid parental leave.
Company-facilitated 401(k).
Exposure to a variety of ML startups, offering unparalleled learning and networking opportunities.
Skills
AWSGCPContainer SecuritySIEMIds/IpsVulnerability ScannersSOC 2ISO 27001GDPRInfrastructure As CodeCI/CDScripting
Build and scale Mercor's novel identity and access management infrastructure across thousands of Slack workspaces and HR systems for a 100k+ expert network. Requires strong product engineering, large-scale distributed systems experience, and security-minded design instincts.
150k – 325k/yr
On-site5+ YOESecurity Engineering
IT Security Operations Engineer
AKASASan Francisco, CA
IT Security Operations Engineer responsible for implementing DLP, email security, endpoint protection, Okta/Google Workspace hardening, automation, compliance evidence collection, and incident response in a hybrid healthcare AI startup.
150k – 190k/yr
Hybrid4+ YOESecurity Engineering
Security Engineer
NovigNew York, NY
Build and maintain security automation pipelines, AI agents, SOAR/SIEM integrations, vulnerability management, and IAM systems for a sports prediction market platform.
150k – 200k/yr
On-site5+ YOESecurity Engineering
Governance, Risk & Compliance Engineer
FalSan Francisco, CA
GRC Engineer responsible for designing and improving governance, risk management, and compliance programs at a generative AI platform company. Manage certifications (SOC 2, ISO 27001, GDPR), lead risk assessments, support customer security reviews, and develop automation for cloud and AI infrastructure controls.
150k – 250k/yr
On-site5+ YOESecurity Engineering
Manager, Security Incident Response Team (USA)
GitLabUnited States
Leads the Security Incident Response Team in the Americas, managing engineers through threat hunting, investigations, triage, and large-scale responses while coaching performance and driving process improvements using AI and automation.