
Join one of the fastest-growing AI-native start-ups, having recently surpassed US$100M in ARR and continuing to scale rapidly. You'll have the opportunity to build security from the ground up, influence the company's security strategy, and work alongside a world-class engineering team developing cutting-edge AI products.
We're looking for experienced security engineers with deep expertise in one or two security domains; you don't need to be an expert across every area. During the application process, simply let us know where your strengths lie.
1. Cloud & Infrastructure Security
Secure our AWS/GCP environments: remediate credential exposure, deploy CSPM, embed IaC security gates (Checkov/Terraform in CI/CD), and implement Zero Standing Privileges (JIT/CIEM).
2. Data Security
Build the data protection foundation: design L1-L5 classification for audio/transcription/PII, map data flows, implement WORM access audit logs, and govern Snowflake/database permissions.
3. Application Security & AI Security
Own secure SDLC: integrate SAST/DAST into CI/CD, defend against Prompt Injection and LLM threats (OWASP LLM Top 10), and conduct security reviews for product releases.
4. Hardware & Firmware Security
Validate our hardware (Sigma) against EN 18031: own Secure Boot, OTA dual-key signing, PKI lifecycle, HBOM+CVE supply chain scanning, and PSIRT operations.
5. Security Operations
Build and run the SIEM platform (30+ MITRE ATT&CK-mapped detection rules), establish IR playbooks, own MTTD/MTTR metrics, and produce monthly security reports for leadership.
6. Enterprise IT Security
Drive 100% EDR and MDM coverage, roll out Okta SSO/SCIM across the SaaS stack, and build a measurable security awareness program alongside the IT team.
Skills, qualifications and experience we look for
- 5+ years of hands-on security engineering experience with deep expertise in at least one domain: cloud security (AWS/GCP, CSPM, IAM), data security (classification, DLP, audit logging), application/AI security (SAST, DAST, LLM/Prompt Injection), hardware/firmware security (embedded systems, PKI, EN 18031), security operations (SIEM, IR, SOAR), or enterprise IT security (EDR, MDM, IdP/SSO).
- Proven ability to build security controls from zero in a fast-moving environment - scoping work, selecting tools, and delivering independently without a pre-existing framework.
- Cross-domain awareness: even if your depth is in 1-2 areas, you can reason about how cloud, data, product, hardware, and operational security interlock - and communicate risk clearly to engineering and leadership.
- Familiarity with relevant standards and frameworks as applicable to your domain: NIST CSF, CIS Benchmarks, OWASP / OWASP LLM Top 10, MITRE ATT&CK, SOC 2, ISO 27001, EN 18031, GDPR/PIPL.
Job ID: 150501105