What You'll Do
- Own and drive compliance certifications – SOC 2 Type II, ISO 27001, and related frameworks (GDPR, CCPA, HIPAA, PCI-DSS)
- Design and operate scalable, secure infrastructure – For real-time systems and AI batch pipelines
- Build security practices and tooling that scale – Not just compliance checkboxes, but engineering-first security that grows with the company
- Harden cloud infrastructure – Access control, secrets management, audit logging, and vulnerability management
- Improve CI/CD pipelines and developer experience – When not on core security work, accelerate developer workflows and occasionally contribute to product features
Who You Are
- Security-obsessed – you think in threat models and attack surfaces by default
- A builder who thrives in ambiguity – you've stood up security programs, not just maintained them
- Comfortable owning ambiguous problems end-to-end without a dedicated security team around you
- Equally at home writing security policies and shipping infrastructure improvements
- Proactive and self-directed; you identify risks before they become incidents
- Excited to be an early security hire and shape the function from scratch
Requirements
- 4+ years of experience in security engineering or infrastructure security
- Have personally taken at least one company through SOC 2 Type II – you know the audit process, the evidence collection, and the gotchas
- Hands-on with cloud security (AWS, GCP, or Azure) and modern infrastructure tooling (Terraform, Kubernetes, etc.)
- Based in SF or NYC & willing to come into the office 3 days a week
Benefits
- Competitive salary and equity package
- Fully paid medical, dental, and vision insurance
- Free access to OneMedical
- Short and long-term disability insurance
- Company-paid life insurance
- Company-sponsored 401k
- Unlimited PTO (with mandatory 15 days off)
- Financial support for work-adjacent learning opportunities