Security Engineer
About The Position
SafeLease is a profitable insurance business that designs, underwrites, and distributes specialty coverage for commercial property owners and their tenants. We control the full stack: product design, tech, and the speed at which we move. We are a team of 70, growing over 100% annually, and we've done it without sacrificing profitability or culture. This role is critical as SafeLease is leaning hard into AI, creating new security surfaces. The ideal candidate will design guardrails to enable continued acceleration without compromising security. This involves addressing prompt injection, defining citizen developer permissions, managing secrets for AI agents, and handling traditional security tasks like SSO hygiene, endpoint posture, and vendor reviews. The role is for someone who wants to enable secure adoption of new technologies rather than enforce restrictive policies.
Requirements
- 3+ years in security engineering, application security, or a hybrid security/infrastructure role.
- Hands-on experience with cloud security (AWS preferred).
- Hands-on experience with identity management systems (Cognito, Okta, or similar).
- Working knowledge of modern application security principles (OWASP, secret management, etc.).
- Understanding of how LLM-based systems can fail, including prompt injection, data exfiltration via tool use, over-permissioned agents, and MCP server risk surfaces.
- Comfortable shipping code (Node, Python, or similar).
- Experience building security tooling, not just writing policies.
- Active use of AI-powered dev tools (Claude Code, Cursor, Copilot) in day-to-day work.
- Familiarity with SOC 2 compliance from an internal perspective.
- Strong communication skills.
- Collaborative mindset.
Nice To Haves
- Lived experience with LLM security failures.
- Experience with regulated industries (insurance, finance, healthcare).
- Hands-on IT/MDM work experience.
- Experience translating between SOC 2 auditors, engineers, and operators.
Responsibilities
- Own security as the company adopts AI, setting standards for LLM, MCP server, and agentic tooling usage to prevent data leaks, over-permissioning, and prompt-injectable surfaces.
- Stay current on the rapidly evolving AI threat landscape.
- Run the company's infosec program, including identity, access, secrets management, endpoint posture, vendor review, and maintaining SOC 2 certification.
- Ensure compliance is integrated into daily operations.
- Build guardrails for citizen development, defining accessible areas, review processes, secret scoping, and preventing data exfiltration.
- Partner with engineering to encode security rules into tooling.
- Handle essential IT tasks such as SSO, MDM, laptop provisioning, and office network management, applying pragmatism through direct work, automation, or outsourcing.
- Act as a trusted partner, engaging early with engineering, product, and ops to enhance their work.
Benefits
- Unlimited PTO
- Full health benefits
- Flexible work setups
- Competitive pay
- Equity
- Culture where people want to show up to do their best work
Stand Out From the Crowd
Upload your resume and get instant feedback on how well it matches this job.
What This Job Offers
Job Type
Full-time
Career Level
Senior
Education Level
No Education Listed
