About The Position

MagicSchool is a generative AI platform for teachers. It is over 2 years old and has more than 7 million teachers globally. This role is for a Senior Security Engineer (Application & Cloud Security) who will be the primary security enabler for the Engineering, Product, and Design teams. The position involves building the practices, tooling, and trust that allow developers to innovate quickly without introducing risk. Reporting to the Director of IT, this role is crucial for protecting systems used by educators and students daily. MagicSchool operates in a compliance-critical environment, and this role is central to establishing a robust security foundation.

Requirements

  • Hands-on experience with SAST, DAST, and SCA tooling - ideally including StackHawk and GitHub Advanced Security - and cloud-native security within AWS and/or Google Cloud.
  • Prior involvement in offensive security or red teaming.
  • Strong experience conducting or facilitating threat modeling using formal frameworks (e.g., STRIDE, PASTA) or lightweight iterative approaches.
  • Comfortable serving as a security advisor in live architecture conversations.
  • Work directly inside engineering teams — through pull request feedback, pair programming, architecture reviews, and daily Slack presence — embedding security into the development workflow rather than reviewing it after the fact.
  • Be a hands-on technical contributor first, and measure success by the security improvements shipping in code.
  • Experience securing LLM-integrated or AI-powered products, with an understanding of the unique threat surfaces they introduce.
  • Ability to translate complex security topics for both technical and non-technical stakeholders.
  • Skilled at building cross-functional trust and coaching engineers on security principles without compromising developer velocity.
  • At least 5 years of experience in application or cloud security, with a track record of advancing security practices in fast-paced engineering environments.
  • Proven track record of embedding directly into engineering teams - improving security posture, reducing vulnerability exposure, and building developer trust without compromising velocity.

Nice To Haves

  • Experience supporting security components of SOC 2, FERPA, or COPPA programs
  • Experience with StackHawk, GitHub Advanced Security, or comparable SAST/DAST tooling
  • Familiarity with AI/LLM application security or threat modeling for AI-integrated products
  • Experience in EdTech or other compliance-heavy B2B SaaS environments (SOC 2, FERPA, COPPA)
  • Prior experience as a solo or small-team security function in a high-growth startup

Responsibilities

  • Secure Development Lifecycle & Vulnerability Management: Champion secure development practices including threat modeling, code reviews, and dependency monitoring. Lead the implementation and ongoing management of StackHawk and GitHub Advanced Security for automated scanning, triage emerging threats like compromised packages and zero-day disclosures, and build developer-friendly workflows that integrate security without sacrificing velocity.
  • Infrastructure & Architecture Security: Partner with IT and engineering leadership to maintain core security infrastructure - including firewall management, content filtering, and privilege access controls. Serve as a trusted security advisor in architecture conversations, helping teams design systems that are secure by default across AWS, Google Cloud, and on-prem environments.
  • Identity & Access Management: Own the end-to-end IAM security strategy across cloud (AWS, GCP), SaaS, and internal tooling — including identity lifecycle management, SSO/SAML/OIDC configuration, role-based and attribute-based access controls, and zero-trust access patterns. Partner with IT and engineering to enforce least-privilege principles, govern developer and service account access, and build scalable access review processes that hold up under SOC 2 scrutiny.
  • Red Teaming & Threat Assessment: Design and execute threat modeling exercises tailored to the unique attack surface of an AI-powered EdTech platform - including student data exposure, AI model misuse, and high-risk windows such as fundraising cycles. Plan and oversee red team assessments, either internally or through third-party partners.
  • Incident Response & Preparedness: Serve as first responder and on-call point of contact for security incidents. Own and evolve incident response playbooks, lead postmortems, and run internal enablement programs - including workshops and simulations - that build security awareness and readiness across engineering and staff.
  • Cross-Functional Alignment: Partner with IT and Compliance to support SOC 2, FERPA, and COPPA programs, and ensure engineering efforts stay aligned with our regulatory commitments.

Benefits

  • Unlimited time off to empower our employees to manage their work-life balance.
  • Choice of employer-paid health insurance plans.
  • Dental and vision are also offered at very low premiums.
  • Every employee is offered generous stock options, vested over 4 years.
  • 401k match
  • Monthly wellness stipend.