Lead Security & Infrastructure Engineer

NewLimitSouth San Francisco, CA
$160,000 - $240,000

About The Position

NewLimit is seeking its first dedicated Security & Infrastructure Engineer to establish and manage the security, infrastructure, and internal systems for a clinical-stage biotechnology company. This ground-floor opportunity involves defining and implementing security and scalability standards for clinical, manufacturing, regulatory, and sponsor-facing operations. The role encompasses broad responsibilities, including identity, endpoint, and cloud security, as well as the operational backbone, internal tooling, integrations, backups, recovery, and support for research environments. The engineer will be responsible for access control, audit logging, vendor oversight, and incident readiness, with the autonomy to determine build, buy, automate, or outsource strategies. The ideal candidate is a builder who leverages automation and AI agents, and while a managed service provider handles helpdesk tasks, this role focuses on high-leverage work. The position is within the Computational Sciences team, reporting to the Head of Computational Sciences, and collaborates with computational biologists and software/ML engineers. This is a chance to shape the security function and infrastructure for a new generation of medicines.

Requirements

  • Several years across security engineering, SRE, platform, or infrastructure, including time as an early or sole security and IT owner at a startup.
  • Fluency across core security and IT systems: identity providers, endpoint management, AWS security tooling, networking, collaboration tools, end-user computing, backups, and operational systems of record.
  • Proven ability to scale security operations with modular solutions, built in-house or managed through MSP, MDR, or technical vendor partners.
  • Experience supporting technical, scientific, or laboratory environments where vendor-managed systems, instruments, and uptime matter, and managing MSPs and vendors directly.
  • Demonstrated use of AI agents and automation to force-multiply your work, paired with a clear grasp of how to secure them.
  • A track record of right-sizing controls to company stage, with the judgment and presence to communicate clearly with scientists, operators, executives, vendors, auditors, and sponsors.

Nice To Haves

  • Experience supporting GxP, clinical, or other regulated environments, or hands-on readiness work for SOC 2, ISO 27001, or sponsor and clinical-trial audits.
  • Familiarity with data-integrity expectations such as audit trails and ALCOA+ for regulated data handoffs.
  • You program. You write real code to automate operations (and leverage LLMs to help).

Responsibilities

  • Own identity and access end to end, with least-privilege administration, phishing-resistant authentication, and SSO across our core applications.
  • Set the security and management standards for our macOS and Windows endpoint fleet (encryption, patch posture, device compliance, remote lock/wipe) while relying on our MSP for routine execution.
  • Own and scale security operations, from monitoring, detection, alerting, and response coordination to post-incident reporting and tabletop readiness, using MSP, MDR, or IR partners where they add leverage.
  • Own the secure operational backbone across corporate, lab, and cloud environments: integrations, data transfers, vendor-managed systems, backup, recovery, continuity, and reliable access.
  • Build internal tooling and automation for onboarding, access reviews, security reporting, and agent/LLM governance, including scoped credentials, sandboxed execution, and audit logging.

Benefits

  • Health, dental, and vision insurance
  • 401(k) with company match
  • Industry-leading paid time off (PTO), 20 days/year for all employees plus holidays
  • Paid parental leave
  • Meals and snacks on-site
© 2026 Teal Labs, Inc
Privacy PolicyTerms of Service