Gem.com

Member of Technical Staff, Security Engineering

$130K — $180K *
Enterprise Technology
5 - 7 years of experience
Job Overview by Ladders

Qualifications

  • 6+ years of hands-on security engineering experience in enterprise contexts
  • Experience leading and mentoring engineering teams, preferably as a TL/TLM or staff-level engineer
  • Proven success in building security for enterprise-facing products and APIs
  • Familiar with compliance frameworks such as SOC 2, ISO 27001, and GDPR
  • Proficient in Python, with experience in systems languages like Go, Rust, or C++ as a plus
  • Deep understanding of modern software development practices, CI/CD, and cloud infrastructure
  • Ability to work autonomously in a fast-paced startup environment

Responsibilities

  • Design enterprise security architecture and conduct threat modeling
  • Lead proactive security initiatives for customer-facing APIs
  • Drive compliance efforts for SOC 2 and ISO 27001 certifications
  • Manage incident response and ensure 24/7 security monitoring
  • Build and maintain secure infrastructure and automation tools
  • Establish secure development practices and conduct vulnerability assessments
  • Collaborate with engineering teams to assess security risks and make pragmatic trade-offs

Benefits

  • Competitive salary and equity opportunities
  • Flexible vacation and paid time off (PTO)
  • Comprehensive health, dental, and vision insurance
  • Catered meals throughout the day
  • Commuter subsidies for employees
  • Inclusive and collaborative work culture

Full Job Description

The Role

We're hiring a hands-on Staff Security Engineer to build the security foundation for a frontier AI platform serving enterprise customers - owning product/API security, enterprise security architecture, compliance readiness, and incident response as the company scales.

This is a senior/staff-level role for someone with 6+ years of experience who has operated as a TL/TLM or staff+ engineer, remains deeply hands-on, and can provide the leadership presence to make delegation and prioritization decisions as Inception grows. You'll be the first/early security leader at a company where security directly affects customer trust, revenue, and product velocity.

You'll own and drive the systems, processes, and infrastructure that make Inception secure by default: cloud security, network isolation, access controls, incident response, compliance readiness, secure engineering workflows, and customer-facing security requirements. This role is ideal for someone who lives and breathes security, but is still a builder at heart - someone who can design secure systems, write production code, automate workflows, and partner deeply with engineering teams.

This is not a narrow GRC, IT, AI safety, or policy-only role, and it is not AI-specific security research. We're looking for traditional enterprise/product security execution from an "inverted T" engineer: broad software engineering ability with a deep spike in security. You'll be the internal expert who helps us navigate enterprise security, privacy, compliance, and infrastructure risk as we scale - a technical leader, not a friction point for the engineering team.

What You'll Own

  • Enterprise security architecture & threat modeling. Design secure systems and guide backend, product, and platform engineers on security architecture and threat modeling for Inception's customer-facing API and enterprise deployments.
  • API / product security. Lead proactive threat protection for a public API product handling enterprise usage, analogous to companies exposing API surfaces like ChatGPT or Claude.
  • Compliance, certifications, and enterprise readiness. Lead or materially drive security compliance and certifications, including SOC 2 (including ongoing Type 2 readiness) and ISO 27001, plus data privacy and security best practices.
  • VPC, GDPR, incident response, and 24/7 security coverage. Operate as a staff-level "all-in-one specialist" across VPC design, network isolation, GDPR, incident response, security monitoring, and operational visibility for production systems.
  • Secure infrastructure and tooling. Build and maintain secure infrastructure, automation, and internal tools across Inception's product, platform, and enterprise systems - improving developer velocity while raising the security baseline.
  • Engineering practices. Establish and promote secure development, code review, release management, vulnerability management, and incident response practices.
  • Pragmatic partnership. Review systems and architectures for security risks and help engineers make pragmatic tradeoffs. Contribute beyond a narrow security lane when needed, especially across backend, infrastructure, platform, and developer tooling.


You Might Be a Fit If

  • You have 6+ years of security engineering experience or equivalent staff-level depth, and have operated as a TL/TLM or staff+ engineer who still ships.
  • You've built security for enterprise-facing products, APIs, infrastructure, or compliance-heavy environments, and have worked with customers who have procurement, compliance, or customer-trust requirements.
  • You have hands-on experience with product/API security for customer-facing APIs.
  • You have driven or owned SOC 2, ISO 27001, GDPR, or comparable compliance and certification programs.
  • You've built or owned internal security systems, privacy infrastructure, identity and access management, encryption, cloud security controls, mTLS, policy systems, or security services exposed via APIs.
  • You're proficient in Python; comfort with at least one systems language such as Go, Rust, or C++ is a plus.
  • You're fluent with modern software development, CI/CD, deployment automation, Kubernetes/Docker, infrastructure as code, and cloud platforms such as AWS or Azure.
  • You can operate independently in a fast-moving startup without a large security organization around you, and bring startup pace rather than big-tech-only conservatism.
  • You partner with fast-moving engineering teams as an enabler, not a blocker, with strong empathy for customer experience and developer velocity.
  • BS/MS/PhD in Computer Science or a related field, or equivalent experience.


Nice to Have

  • Experience as an early or founding security engineer at a startup or fast-growing engineering organization, helping scale towards 100+ org size.
  • Experience preparing companies for enterprise customers, security reviews, SOC 2 Type 2, ISO 27001, GDPR, or similar programs.
  • Background in backend engineering, platform engineering, infrastructure, or DevOps before specializing in security.
  • Experience building security tooling, developer platforms, or automation that engineers actually use.
  • Familiarity with monitoring, observability, vulnerability management, and incident response tooling.
  • Experience securing AI/ML infrastructure, GPU-intensive workloads, inference pipelines, serving APIs, or large-scale cloud environments. (Direct AI-specific security experience is not required.)
  • Experience with application security, threat modeling, secure SDLC, privacy engineering, or customer-facing security reviews.


Perks & Benefits

  • Competitive salary and equity in a rapidly growing startup
  • Flexible vacation and paid time off (PTO)
  • Health, dental, and vision insurance
  • Catered meals (breakfast, lunch, & dinner)
  • Commuter subsidies
  • A collaborative and inclusive culture

About Gem.com

Founded: 2013
