Security Engineer

About the role

We are looking for a Security Engineer who thrives at the intersection of deep technical defense and high-level trust building. You won't just be configuring firewalls; you will be the guardian of our customer promise. You will own our security certifications, architect our defenses, and act as the technical voice of security when speaking with our global enterprise partners.

How you’ll contribute

● Architect Defense: Design, build, and maintain security layers across our cloud

infrastructure (AWS/Azure/GCP) and AI pipelines.

● Own Compliance: Lead the end-to-end process for obtaining and maintaining ISO 27001

and SOC 2 Type II certifications. You’ll ensure our internal processes aren't just "compliant"

but genuinely secure.

● The Voice of Trust: Act as the primary technical point of contact for customer security

inquiries. You’ll answer detailed security questionnaires and join calls with enterprise CISOs

to explain our posture.

● Incident Response & Hunting: Monitor for threats, lead incident response drills, and

conduct regular penetration testing and vulnerability assessments.

● Secure SDLC: Work closely with our engineering team to integrate security into the CI/CD

pipeline, performing code reviews and promoting "Security by Design."

● Privacy Advocacy: In the spirit of a privacy-first company, you will ensure data minimization

and encryption standards are world-class.

What you’ll bring

● Experience: 4+ years in Security Engineering, preferably in a high-growth SaaS or

privacy-focused environment.

● Compliance Fluent: You have a proven track record of successfully navigating SOC 2 or ISO

27001 audits.

● Technical Breadth: You are comfortable with container security (Kubernetes), cloud

infrastructure (Terraform/IaC), and modern identity management (Okta/SAML).

● Communicator: You can translate complex security concepts into plain English for customers

and stakeholders. You are patient, empathetic, and professional.

● Adaptive: You enjoy the "dynamic" nature of AI. You are comfortable securing LLM-based

applications and understanding the unique risks they pose (e.g., prompt injection, data

leakage).

● Mission-Driven: You believe that privacy is a fundamental right and are passionate about

protecting user data.