Security Engineer - Member of Technical Staff

Simile•Palo Alto, CA

1d•$200,000 - $400,000

About The Position

Pilots don’t train with real passengers. Surgeons don’t practice on real people. Yet, the most consequential decisions in society are often pushed straight to production. Simile is changing that. We have built the first AI simulation of society, populated by generative agents based on real humans. Our research pioneered the field of AI-based simulation, proving it is possible to model human behavior with high accuracy. Today, we are developing a Foundation Model to predict human behavior in any situation, at any scale. We are backed by $100M in funding led by Index Ventures, with participation from Hanabi, A, Bain Capital Ventures, and AI visionaries including Andrej Karpathy, Fei-Fei Li, Adam D’Angelo, and Guillermo Rauch. About the Team The Security team is the guardian of our simulation’s integrity. We ensure that as we model human society, we do so with uncompromising privacy and world-class defenses. We operate at the intersection of application security, AI safety, and enterprise-grade privacy to protect our foundation models and our customers' most sensitive data. We organize our work into three core pillars: Application Security: Partnering with engineers to "shift left," conducting threat models and secure design reviews to catch vulnerabilities before they reach production. AI/ML Trust & Safety: Defending our generative agents against emerging threats like prompt injection, data poisoning, and model extraction. Infrastructure & Compliance: Hardening our multi-cloud footprint (AWS/GCP) and automating identity management (SAML/SCIM) to maintain SOC2 and HIPAA standards. About the Role We are looking for a Security Engineer who thrives on securing novel AI products that push established security boundaries. You will own the security roadmap, ensuring our platform is resilient, compliant, and stays ahead of an ever-evolving threat landscape.

Requirements

Experience: 5+ years of experience in application or infrastructure security within a high-growth environment.
Security Polyglot: Deep expertise in securing AWS environments; experience with GCP or Azure is a major plus.
Offensive Mindset: Ability to think like an attacker to anticipate risks, paired with a collaborative spirit to help engineers remediate them.
Operational Mindset: Experience with modern observability and a "you build it, you run it" mentality toward security infrastructure.
Communication: Ability to distill complex security topics into clear technical specs and actionable guidance for internal teams.

Nice To Haves

AI/ML Security: Experience securing AI/ML workloads, specifically defending against prompt injection or protecting model weights.
Kubernetes Mastery: Strong K8s (EKS/GKE) experience, specifically around multi-tenant security and resource isolation.
Compliance Expertise: Proven track record of navigating SOC2, HIPAA, or similar regulatory frameworks in a cloud-native environment.

Responsibilities

Lead Secure Design: Conduct threat modeling and secure design reviews for new features, ensuring security is a core consideration from initial design through implementation.
Automate Defenses: Develop tooling and "paved paths" that allow our engineering and research teams to ship code safely without sacrificing velocity.
Own Vulnerability Management: Oversee our bug bounty program and internal vulnerability scanning, prioritizing fixes based on actual risk to our foundation models.
Secure AI/ML Pipelines: Build specific defenses against AI-novel risks, including protecting high-throughput inference systems and GPU-accelerated computing environments.
Champion GitOps Security: Manage security configurations via Terraform/Pulumi, ensuring "security-as-code" is the truth across all multi-region environments.
Drive Compliance: Implement encryption at rest/transit and identity management standards to meet global data residency and privacy requirements.