Build and scale security foundations for Decagon's AI customer experience platform, implementing controls, tooling, detection pipelines, and partnering with engineering teams. Requires 3+ years security engineering with strong coding skills and cloud experience, ideally Google Cloud; onsite in San Francisco.
Build security tooling and automation, including automated remediation pipelines, detection systems, and testing frameworks integrated into CI/CD workflows
Partner with engineering teams to design and review authentication systems, secrets management, and access controls
Create detection pipelines that scale with millions of daily AI agent interactions
Contribute to security incidents affecting operations, supporting rapid resolution while maintaining service availability
Requirements
3+ years of experience in security engineering, with strong software engineering fundamentals
Familiarity with application security concepts including authentication, authorization, vulnerability assessment, and secure development practices
Ability to write production-quality code; you can build the tools and automation the team needs, not just identify problems
Experience with cloud security fundamentals, ideally Google Cloud
Exposure to enterprise security requirements such as SOC 2, ISO 27001, or GDPR
Natural curiosity about new technologies and approaches to security problems
Nice-to-Haves
Experience building developer tools, security automation, or remediation pipelines
Background with static analysis tools (Semgrep, CodeQL) or vulnerability management platforms
Familiarity with securing AI/ML applications, including awareness of risks like prompt injection and adversarial inputs
Experience with infrastructure as code (Terraform) and modern cloud development practices
Comfortable working across the entire stack to solve problems
Second Security Engineer at Nooks.ai, securing an AI-native sales platform and its AI agents. Own threat modeling, secure SDLC, cloud hardening, compliance (SOC 2), and novel AI security challenges (guardrails, prompt injection). Requires 4-5+ years in infosec with strong app/cloud security fundamentals; startup experience preferred.
200k – 315k/yr
Hybrid5+ YOESecurity Engineering
Platform Engineer, Security
DecagonSan Francisco, CA
Lead application security strategy and implementation for Decagon's conversational AI platform. Partner with engineering teams to build security into AI-powered applications and establish testing programs.
200k – 330k/yr
On-site3+ YOESecurity Engineering
Security engineer, detection and response (US)
WriterSan Francisco, CA
Builds and implements detection systems and automated responses for AI-specific threats like prompt injection and model extraction on distributed GPU infrastructure. Leads incident response, proactive threat hunting, and cross-team security coordination with 3-5+ years in security operations.
200k – 240k/yr
Hybrid3+ YOESecurity Engineering
Software Engineer, Trust
NotionSan Francisco, CA +1
Builds authentication, security features, and AI-powered risk detection systems to ensure user trust and safety at scale. Requires 5-8 years experience in trust/safety/security with cross-functional collaboration.
200k – 280k/yr
Hybrid5+ YOESecurity Engineering
Infrastructure Engineer, Security
Thinking Machines LabSan Francisco, CA
Owns and evolves security infrastructure across compute, storage, networking, and data platforms for foundation models. Architects secure patterns, manages identities/secrets, builds threat models, and automates security checks in Kubernetes/cloud environments. Requires strong systems programming and infra experience.