Security Engineer - Tech Lead

Luma AI•Palo Alto, CA

About The Position

We are looking for a senior, hands-on security leader to build the security foundations that will support Luma’s next stage of growth. Our models and products are becoming critical infrastructure for creative professionals and enterprises. As adoption scales, we are investing in modern, principled systems for identity, access control, secrets, encryption, and safe operation of autonomous AI. This is a builder role. You will design and ship the platform security systems and operational tooling that allow us to move quickly while meeting the expectations of world-class customers—things like auth and identity infrastructure, fine-grained access scoping, break-glass escalation systems, and agent permission frameworks. You will partner deeply with infrastructure, research, and product teams to make secure design the default, not something bolted on after the fact.

Requirements

You have built and operated security foundations in real production environments
You are excellent at writing code, reviewing infrastructure, and shipping systems
You recognize that in AI platforms, software systems can act with real authority
You’ve thought deeply about how services, automations, or models are scoped, constrained, and observed
You think in terms of systems and trust boundaries
You have high agency—you identify problems and drive them to resolution
You can balance pragmatism with long-term rigor
Engineers trust you and enjoy partnering with you

Nice To Haves

You’ve helped organizations evolve toward mature, scalable security architectures
You have experience implementing least-privilege access and modern identity models
You’ve built durable approaches to secrets management and credential lifecycle
You understand the nuances of securing multi-tenant AI platforms
You have strong opinions on how autonomous systems should be permissioned and governed
You know how to build detection and response capabilities in high-growth environments
You can represent the company in detailed customer and partner security discussions
You build platforms and paved roads that engineers love to use

Responsibilities

Design and mature how access to production systems is granted and governed
Implement scalable RBAC / ABAC approaches across infrastructure and products
Build robust secrets management and credential lifecycle practices
Establish strong encryption and key management patterns
Define how agents and automated systems receive authority, how it is scoped, and how it is revoked
Create auditability and forensic visibility for user and system actions
Lead threat modeling across infrastructure, product, and research domains
Collaborate with engineering teams to make secure patterns easy and automatic
Help drive readiness for enterprise security expectations and reviews
Strengthen incident detection and response capabilities
Raise the company’s security bar while preserving development velocity