Senior Security Engineer

Plaud

Senior Security Engineer responsible for cloud and infrastructure security at Plaud. Leading cloud security initiatives and incident response to ensure compliance and operational excellence.

Posted 5/14/2026full-timeSan Francisco • California • 🇺🇸 United StatesSeniorWebsite

Tech Stack

Tools & technologies

AWSCloudGoogle Cloud PlatformTerraform

About the role

Key responsibilities & impact

You will own both the detection & response layer and the cloud infrastructure security foundation at Plaud — two domains that must operate in lockstep to deliver SOC 2 Type II audit readiness by Q4 2026.
Cloud & Infrastructure Security — Remediate credential exposure across AWS/GCP production environments, deploy and tune CSPM across all accounts, embed IaC security gates (Checkov/Terraform) into CI/CD, and implement Zero Standing Privileges via JIT/CIEM.
SIEM Build & Detection Engineering — Deploy the SIEM platform and author 30+ MITRE ATT&CK-mapped detection rules spanning cloud telemetry, endpoint, and SaaS — with ongoing tuning to reduce false positives and maintain coverage fidelity.
Incident Response — Own the IR lifecycle end-to-end: develop playbooks across a minimum of 4 incident categories, lead cross-functional response for P1/P2 events, and drive MTTD to ≤60 minutes.
SOC 2 TII Operational Evidence — Produce and maintain the continuous evidence package required for audit — log retention, alert records, control review cadences, and written control narratives for Cloud Security and SecOps domains.
Security Reporting & Risk Governance — Publish monthly security reports to leadership, deliver H1 risk governance reports, and maintain vulnerability SLA compliance ≥90% with clear remediation tracking.

Requirements

What you’ll need

5+ years of hands-on security engineering experience with demonstrable depth in at least one of: cloud security (AWS/GCP, CSPM, IAM, IaC) or security operations (SIEM, IR, SOAR, detection engineering) — and working fluency in the other.
Proven ability to build security infrastructure from zero: tool selection, baseline configuration, and policy definition without inheriting a mature program or existing runbook.
Strong working knowledge of MITRE ATT&CK, CIS Benchmarks (L1/L2), cloud-native security tooling (AWS Security Hub, GCP SCC, or equivalent CSPM), and log source integration across cloud and endpoint layers.
Familiarity with SOC 2 TII control requirements — specifically CC6 (logical access), CC7 (monitoring & detection), and the operational evidence standards expected by a third-party auditor.
Routinely uses LLMs as part of daily security workflow — alert summarization, detection rule generation, SOAR playbook drafting, or IaC policy automation. Will demo last-2-weeks AI usage during interview.

Benefits

Comp & perks

An Employee Stock Ownership Plan (ESOP) that gives a real stake in Plaud’s long-term success.
Work in a fast-moving, product-driven environment where your ideas directly shape the future of AI productivity.
Access to best-in-class AI tools, including Cursor, GPT models, Gemini, Claude, and other frontier AI systems to maximize engineering and execution efficiency.
Choice of top-spec laptops, high-performance workstation setups, and cutting-edge Plaud devices for all new hires.
Annual company offsites, team events, and a culture that values craftsmanship, ownership, and velocity.

ATS Keywords

✓ Tailor your resume

Applicant Tracking System Keywords

Tip: use these terms in your resume and cover letter to boost ATS matches.

Hard Skills & Tools

cloud securitysecurity engineeringdetection engineeringincident responseCSPMIaCMITRE ATT&CKlog source integrationpolicy definitionvulnerability management

Soft Skills

cross-functional leadershipcommunicationproblem-solvinganalytical thinkingreporting

Certifications

SOC 2 Type II