Security Engineer - Member of Technical Staff

Simile•San Francisco, CA

3d•Hybrid

About The Position

Simile is changing the way consequential decisions in society are made by building the first AI simulation of society, populated by generative agents based on real humans. We have pioneered the field of AI-based simulation, proving it is possible to model human behavior with high accuracy. Today, we are developing a Foundation Model to predict human behavior in any situation, at any scale. We are backed by $100M in funding led by Index Ventures, with participation from Hanabi, A, Bain Capital Ventures, and AI visionaries including Andrej Karpathy, Fei-Fei Li, Adam D’Angelo, and Guillermo Rauch. The Security team is the guardian of our simulation’s integrity. We ensure that as we model human society, we do so with uncompromising privacy and world-class defenses. We operate at the intersection of application security, AI safety, and enterprise-grade privacy to protect our foundation models and our customers' most sensitive data. We organize our work into three core pillars: Application Security: Partnering with engineers to "shift left," conducting threat models and secure design reviews to catch vulnerabilities before they reach production. Product and AI/ML Security: Defending our generative agents against emerging threats like prompt injection, data poisoning, and model extraction. Infrastructure & Compliance: Hardening our multi-cloud footprint (AWS/GCP) and automating identity management (SAML/SCIM) to maintain SOC2 and HIPAA standards.

Requirements

5+ years of experience in application or infrastructure security within a high-growth environment.
Deep expertise in securing AWS environments; experience with GCP or Azure is a major plus.
Ability to think like an attacker to anticipate risks, paired with a collaborative spirit to help engineers remediate them.
Experience with modern observability and a "you build it, you run it" mentality toward security infrastructure.
Experience integrating agentic AI workflows into the developer lifecycle to provide real-time security feedback, enabling engineers to be "secure-by-design" as code is written rather than after the fact.

Nice To Haves

Experience securing AI/ML workloads, specifically defending against prompt injection or protecting model weights.
Strong K8s (EKS/GKE) experience, specifically around multi-tenant security and resource isolation.
Proven track record of navigating SOC2, HIPAA, or similar regulatory frameworks in a cloud-native environment.

Responsibilities

Partner with our largest enterprise customers to navigate the procurement process , leading technical discussions regarding security agreements, providing comprehensive posture overviews, and ensuring alignment on rigorous data handling requirements
Conduct threat modeling and secure design reviews for new features, ensuring security is a core consideration from initial design through implementation.
Develop tooling and "paved paths" that allow our engineering and research teams to ship code safely without sacrificing velocity.
Oversee our bug bounty program and internal vulnerability scanning, prioritizing fixes based on actual risk to our foundation models.
Build specific defenses against AI-novel risks, including protecting high-throughput inference systems and GPU-accelerated computing environments.
Manage security configurations via Terraform/Pulumi, ensuring "security-as-code" is the truth across all multi-region environments.

Benefits

Competitive compensation packages that include base salary, equity, and comprehensive benefits.
Grants are available for eligible roles, subject to board approval.
Comprehensive medical, dental, and vision coverage.
Flexible time off policies to support work-life balance.

Stand Out From the Crowd

Upload your resume and get instant feedback on how well it matches this job.

Upload and Match Resume