Lead Security Engineer

Nuvo•New York, NY

5h•$200,000 - $300,000

About The Position

We are looking for a lead security engineer to stand up and own security at a company building category-defining products. Our problems span safe deployment of AI agents, multi-party workflow automation, identity, risk, and large-scale data, and because we handle sensitive financial information for businesses across the economy, trust is the product. As our first dedicated security hire, you'll define what good looks like: shaping the roadmap, embedding security into how we build, and protecting our customers and their data from day one. Since we’re an early startup, you’ll have to be prepared to wear many hats; most of your time will be spent on application and product security, but you'll also reach into cloud infrastructure, detection and response, and compliance as the work demands. Your impact will be felt across team culture, our customers, and the economy.

Requirements

5+ years in security engineering, with deep application/product security expertise and the range to operate across cloud, infrastructure, and detection when needed.
A track record of building or substantially shaping a security program. You should be comfortable being the one who decides what to do first and why.
Strong engineering fundamentals: you read and write production code, and you can earn the trust of the engineers you partner with.
Strong problem-solving skills and the ability to communicate technical risk clearly to engineers, to leadership, and to customers.
A passion for internet technologies and a sharp instinct for how modern systems get attacked and defended.
Experience working in an early-stage engineering team or a fast-growing company, solving hard, ambiguous problems with a strong bias for action.

Responsibilities

Own application and product security end to end — threat modeling, secure design and code review, and partnering with engineers to ship features that are secure by default rather than secured after the fact.
Build the security function from the ground up: set the roadmap, establish best practices, choose the tooling, and define the standards the rest of engineering will build on.
Find, prioritize, and drive remediation of vulnerabilities across the product and our infrastructure and build the guardrails that keep them from coming back.
Reach across the stack as needed — cloud and infrastructure hardening (IAM, secrets, network, Kubernetes), logging, detection and incident response, and the security foundations behind compliance efforts like SOC 2.
Make security a part of engineering culture, to help the whole team move fast but securely. Write and review high-quality code, contribute to the systems you protect, and level up the team around you.
Use the best tools for the job. We've used technologies like Vue, GraphQL, and even built our own DSL for defining roles and permissions. What matters most is the impact you create and the risk you reduce, not the specific tools you use.

Stand Out From the Crowd

Upload your resume and get instant feedback on how well it matches this job.

Upload and Match Resume