Senior Security Engineer
About The Position
We’re hiring our first dedicated security hire to own security end-to-end across our product, infrastructure, and organization. You’ll be both a hands-on security engineer and the security lead who sets direction, defines standards, and builds the foundation of our security program. You’ll partner closely with engineering, product, and GTM teams to keep our platform and customer data safe, while also unblocking enterprise deals and strengthening our security posture as we scale. If you enjoy building security programs from (almost) scratch, influencing without heavy process, and still getting deep into the technical details, this role is for you.
Requirements
- ~5+ years in security engineering or related roles (AppSec, Infra/Cloud Sec, Product Security).
- Strong experience securing cloud-based SaaS products in production.
- Deep hands-on experience with [AWS/GCP/etc.] security primitives (IAM, VPC, KMS, security groups, CloudTrail/CloudWatch, etc.).
- Comfortable working with infrastructure-as-code (Terraform or similar).
- Strong understanding of common web and API vulnerabilities (OWASP Top 10, real-world exploit patterns).
- Experience working with product/engineering teams to prevent issues by design, not just fix them later.
- Experience deploying and tuning security scanners and monitoring tools.
- Comfortable scripting in Python, Bash, or similar to automate checks and workflows.
- Hands-on experience with SOC 2, ISO 27001, or similar frameworks (setting up or maintaining controls).
- Ability to translate technical controls into auditor- and customer-friendly language.
- You’re comfortable being the go-to security voice in a growing company.
- You can influence without heavy process, earning trust with engineers, PMs, and leadership.
- Strong written and verbal communication skills; you can explain tradeoffs in plain language.
Nice To Haves
- Experience as a first or early security hire at a startup.
- Experience with detection & response (SIEM, EDR, alert tuning).
- Prior involvement in customer-facing security reviews and complex security questionnaires.
- Familiarity with privacy and data protection topics (e.g., GDPR) in a SaaS context.
Responsibilities
- Company-wide security posture across application, infrastructure, and internal systems
- Secure SDLC: how we design, build, test, and release secure software
- Cloud & infrastructure security in our AWS, GCP, and Azure environments
- Vulnerability management: from discovery to prioritization and remediation
- Security governance & compliance, including SOC 2, HIPAA, and customer requirements
- Incident readiness & response, including playbooks, tooling, and training
- Security story for customers: helping sales and customer success win and retain larger customers
Stand Out From the Crowd
Upload your resume and get instant feedback on how well it matches this job.
What This Job Offers
Job Type
Full-time
Career Level
Mid Level
Education Level
No Education Listed
