About this role
We're looking for a Senior Security Engineer to own and elevate the security posture of our cloud-native, AI-driven SaaS platform. Reporting to the Director of DevOps, you'll be the technical anchor for security across our product, infrastructure, and organization - combining hands-on engineering with the strategic judgment to translate risk into clear, actionable priorities. This is a high-ownership role for someone who can operate end to end: threat modeling a new feature in the morning, hardening cloud infrastructure in the afternoon, and briefing leadership on risk posture by the end of the week. As we scale our platform and deepen our use of AI/ML, you'll define how we build, ship, and operate securely - often standing up programs and controls that don't yet exist. You'll work cross-functionally well beyond engineering, partnering with Customer Success, Marketing, Finance, and Legal to make security a shared, business-aware practice rather than a gate at the end of the line.
What You'll Do • Own the day-to-day security engineering function across cloud infrastructure, application, and data layers. • Lead threat modeling, penetration testing, and vulnerability management across the product and platform lifecycle. • Design, implement, and continuously improve cloud security controls across AWS, GCP, and/or Azure environments. • Assess and secure our AI/ML systems, addressing the unique risks they introduce — from data pipelines to model and LLM behavior. • Drive compliance readiness and audit support for frameworks such as SOC 2, ISO 27001, and GDPR. • Embed security into the SDLC and CI/CD pipelines, partnering closely with DevOps and engineering teams. • Translate technical risk into clear business and board-level language, and advise leadership on prioritization and trade-offs. • Partner cross-functionally with non-engineering teams (Customer Success, Marketing, Finance, Legal) to build security awareness and practical, low-friction controls. • Lead or support incident response, including detection, containment, remediation, and post-incident review.
Requirements:
Must Have • 8+ years in security engineering, security architecture, or a CISO/Security Officer role. • Deep cloud security experience (AWS / GCP / Azure). • Hands-on with threat modeling, penetration testing, and vulnerability management. • Working knowledge of AI/ML systems and their unique security challenges. • Experience with compliance frameworks: SOC 2, ISO 27001, GDPR (or equivalent). • Strong communication — translates technical risk into business and board language. • Comfortable operating cross-functionally with non-engineering teams (CS, Marketing, Finance).
Nice to Have • Prior experience in a fast-scaling SaaS or AI-driven product company. • Hands-on red-teaming of LLM-based systems. • Familiarity with the OWASP LLM Top 10 and NIST AI RMF. • Certifications: CISSP, CISM, CCSP, or equivalent. • Experience standing up a security program from scratch (rather than scaling an existing one).
What We Offer • A pivotal, high-visibility role with the autonomy to shape security from the ground up. • Direct collaboration with engineering leadership and a clear path to broader security ownership. • The chance to secure a modern, AI-driven product at a meaningful inflection point of growth.