Security Engineer

About The Position

Requirements

• 5+ years of full-time experience in security engineering, platform security, or infrastructure security roles
• Deep experience with cloud security in AWS and/or GCP, including IaC tools like Terraform or Pulumi
• Passionate about building pragmatic, risk-based security programs that scale with the business

Nice To Haves

• You have hands-on experience building security programs from the ground up, ideally in fast-growing startups or cloud-native environments
• You understand both infrastructure security (identity & access management, network security, endpoint protection) and application security (threat modeling, secure development practices, vulnerability management)
• You've worked with compliance frameworks like SOC 2, HIPAA, or ISO 27001 and can translate requirements into practical implementation
• You're comfortable both building security tooling yourself and orchestrating third-party solutions, and you know when to build vs. buy
• You care about enabling the business and empowering engineers, not just saying "no"

Responsibilities

• Build the threat model that informs our security roadmap for the next year
• Design and deploy foundational security controls across corporate infrastructure (EDR, FIDO2 authentication, VPN) and application security (secure SDLC, vulnerability management)
• Oversee our compliance efforts (SOC 2, HIPAA, ISO 27001) and coordinate with external auditors and consultants
• Evaluate, select, and implement security tooling that balances sophistication with operational efficiency

Benefits

• Equity with early exercise & QSBS eligibility
• Comprehensive health, dental, and vision insurance
• Unlimited PTO
• 401(k)
• Meals provided daily in office