Security architecture and design: Collaborate with engineering teams to design and implement secure systems and infrastructure, including cloud (AWS/GCP) environments and container orchestration platforms.
Vulnerability management: Lead proactive vulnerability assessments, pen tests, and remediation efforts to ensure our products and infrastructure remain secure.
Incident response: Develop and maintain incident response processes, including detection, analysis, containment, eradication, and post-incident reviews.
Identity and access management (IAM): Oversee IAM strategies and tools to ensure the right people have the right level of access to our systems and data.
Security compliance and audits: Work closely with operations to ensure compliance with relevant standards (e.g., SOC 2, ISO 27001) and assist with audits, policy creation, and risk assessments.
Employee security training: Develop and deliver security training programs and documentation to keep our team informed about best practices, social engineering threats, and secure coding standards.
DevSecOps integration: Partner with DevOps teams to embed security into the CI/CD pipeline, automating security checks and fostering a culture of “security as code.”

Requirements

3+ years of experience in a Security Engineer or similar security-focused role, preferably in a fast-paced startup environment.
Strong knowledge of cloud security (AWS/GCP), container security, and infrastructure-as-code best practices.
Hands-on experience with security tooling (SIEM, IDS/IPS, vulnerability scanners) and scripting languages to automate security tasks.
Familiarity with compliance frameworks such as SOC 2, ISO 27001, and GDPR, and the ability to translate requirements into actionable security controls.
Incident response expertise, including forensic analysis and root cause investigation.
Excellent communication skills and the ability to collaborate with cross-functional teams to promote a security-first culture.

Benefits

Competitive compensation, including meaningful equity.
100% coverage of medical, dental, and vision insurance for employee and dependents
Generous PTO policy including company wide Winter Break (our offices are closed from Christmas Eve to New Year's Day!)
Paid parental leave
Company-facilitated 401(k)
Exposure to a variety of ML startups, offering unparalleled learning and networking opportunities.

Applicant Tracking System Keywords

Tip: use these terms in your resume and cover letter to boost ATS matches.

Hard Skills & Tools

security architecturevulnerability managementincident responseidentity and access managementcloud securitycontainer securityinfrastructure-as-codeforensic analysisroot cause investigationscripting languages

Soft Skills

excellent communicationcollaborationtraining developmentteam leadershipsecurity-first culture

Certifications

SOC 2ISO 27001GDPR