# Senior Platform Engineer, Security
**Company:** [Doxel](https://hotfix.jobs/companies/doxel)
**Location:** San Francisco, CA
**Salary:** $175K-$220K
**Experience:** 6+ years
**Skills:** Terraform, GCP, Kubernetes, Python, Go, IAM, CI/CD, SAST, Sca, SOC 2, ISO 27001
**Posted:** 2026-06-27
> Build and secure Doxel's internal developer platform on GCP. Own cloud security posture, embed security into CI/CD pipelines, and drive adoption of secure golden paths across engineering teams.
## Job Description
## What You'll Do
- Work with DevOps team to build out golden paths that streamline developer and builder workflows streamlining and applying shift left security policies on CI/CD deployment, internal tooling, LLM, and data science workflows
- Own cloud security posture on Google Cloud, landing-zone guardrails, least-privilege IAM, secrets and key management, codified as infrastructure-as-code so secure defaults are baked into golden paths rather than bolted on after
- Continuously evaluate attack surfaces across the application, infrastructure, and cloud, prioritize findings by exploitability and blast radius, and feed the highest-leverage fixes back into the platform
- Set and enforce AI-usage best practices, guardrails for agentic coding tools internally and Provide a security point of view on product AI/LLM features (prompt injection, data egress, model supply chain), in partnership with engineering leadership
- Action on improving security and compliance through a risk based approach implementing SOC2, ISO27001, and ISO27701 security and compliance frameworks
- Drive adoption and raise the security bar across engineering through better defaults, not mandates

## What You Bring
- 6+ years in platform engineering, infrastructure/DevOps, or site reliability, with real depth building infrastructure, not just operating it
- Strong infrastructure-as-code skills (Terraform) and a track record of replacing ad hoc infra with reusable, self-service patterns
- Hands-on cloud depth, ideally Google Cloud (AWS or Azure translates), including IAM, networking, and least-privilege design
- Strong experience with Kubernetes and containerized workloads in production
- Practical experience embedding security tooling into CI/CD (SAST, SCA, secret scanning, supply chain controls) and building secure-by-default pipelines
- Strong programming or scripting ability (Python, Go, or similar) for building platform and automation tooling
- A security mindset: you design for least privilege and think about how things get abused, even when security is not the headline of the task
- Demonstrated ability to drive platform adoption and influence engineering teams without formal management authority

## Preferred
- Experience standing up an internal developer platform or paved-road program from scratch
- Working knowledge of AI/LLM security risks and a point of view on using AI tools safely
- SOC 2, ISO 27001, or similar compliance experience in a fast-moving company
- Experience securing data warehouses or large data pipelines (Snowflake a plus)
- Familiarity with construction tech, BIM/3D data, or other domain-rich data products
**Apply:** https://hotfix.jobs/jobs/senior-platform-engineer-security-at-doxel-66279d2d-a2ec-42c9-8617-3e15e999ebac
**Canonical:** https://hotfix.jobs/jobs/senior-platform-engineer-security-at-doxel-66279d2d-a2ec-42c9-8617-3e15e999ebac