Senior Security Engineer- Data/Cloud

Join one of the fastest-growing AI-native start-ups, having recently surpassed US$100M in ARR and continuing to scale rapidly. You'll have the opportunity to build security from the ground up, influence the company's security strategy, and work alongside a world-class engineering team developing cutting-edge AI products.

About the Role

We're looking for experienced security engineers with deep expertise in one or two security domains—you don't need to be an expert across every area. During the application process, simply let us know where your strengths lie.)

1. Cloud & Infrastructure Security

Secure our AWS/GCP environments: remediate credential exposure, deploy CSPM, embed IaC security gates

(Checkov/Terraform in CI/CD), and implement Zero Standing Privileges (JIT/CIEM).

2. Data Security

Build the data protection foundation: design L1-L5 classification for audio/transcription/PII, map data flows,

implement WORM access audit logs, and govern Snowflake/database permissions.

3. Application Security & AI Security

Own secure SDLC: integrate SAST/DAST into CI/CD, defend against Prompt Injection and LLM threats (OWASP LLM

Top 10), and conduct security reviews for product releases.

4. Hardware & Firmware Security

Validate our hardware (Sigma) against EN 18031: own Secure Boot, OTA dual-key signing, PKI lifecycle,

HBOM+CVE supply chain scanning, and PSIRT operations.

5. Security Operations

Build and run the SIEM platform (30+ MITRE ATT&CK-mapped; detection rules), establish IR playbooks, own

MTTD/MTTR metrics, and produce monthly security reports for leadership.

6. Enterprise IT Security

Drive 100% EDR and MDM coverage, roll out Okta SSO/SCIM across the SaaS stack, and build a measurable security

awareness program alongside the IT team.

Skills, qualifications and experience we look for

• 5+ years of hands-on security engineering experience with deep expertise in at least one domain: cloud security (AWS/GCP, CSPM, IAM), data security (classification, DLP, audit logging), application/AI security(SAST, DAST,

LLM/Prompt Injection), hardware/firmware security (embedded systems, PKI, EN 18031),security operations (SIEM, IR, SOAR), or enterprise IT security (EDR, MDM, IdP/SSO).

• Proven ability to build security controls from zero in a fast-moving environment — scoping work, selecting tools, and delivering independently without a pre-existing framework.

• Cross-domain awareness: even if your depth is in 1-2 areas, you can reason about how cloud, data, product, hardware, and operational security interlock — and communicate risk clearly to engineering and leadership.

• Familiarity with relevant standards and frameworks as applicable to your domain: NIST CSF, CIS Benchmarks, OWASP / OWASP LLM Top 10, MITRE ATT&CK, SOC 2, ISO 27001, EN 18031, GDPR/PIPL