The RoleWe're hiring a Senior Security Engineer to be a generalist anchor on the Security Engineering team at a16z. We have an internal engineering team (ASG) which operates in the mode of an internal startup and takes on requests from all corners of the firm. You'll help ASG and the rest of the firm make secure decisions as we ship that tooling, integrate AI across workflows, and operate over a sophisticated cloud surface.
You'll partner directly with ASG on the security of our cloud infrastructure, internal applications, SDLC pipelines, and AI systems. The role is hands-on. You'll review code, design controls, automate guardrails, and ship security capabilities across cloud, product, identity, and AI surfaces. You'll work closely with Engineering, SecOps, and IT to make security show up as a partner, not a gate.
Venture capital firms face targeted, sophisticated threats - capital call wire fraud, social engineering, vishing, and threat actors who specifically pursue firms in this space. Your work protects the firm, our LPs, and our portfolio companies.
This role requires an in-office presence 2 days a week in our San Francisco, CA office.
To join our team, you should be excited to:- Be the day-to-day security partner to teams across the firm as they adopt AI and help make secure choices.
- Pair on architecture reviews, run threat models, and ship guardrails as a16z builds custom tooling for the VC industry
- Help secure AI usage across the firm, including internal agent systems, AI-powered workflows that touch sensitive data, and the agentic infrastructure ASG is building
- Own and operate cloud security tooling (SAST, SCA, IaC scanning, runtime security) across AWS and GCP
- Build foundational programs, including asset management, SDLC integration, and Kubernetes hardening
- Move fast across CloudSec and Product Security - with depth in one and working breadth across the other
Minimum Qualifications- 4+ years of security engineering experience or equivalent demonstrated impact at a senior IC level
- Generalist with primary depth in CloudSec and Product Security, comfortable spanning enterprise security, identity, and AI
- Demonstrated experience with SAST, SCA, AWS, GCP, Terraform, Kubernetes, and GitHub Actions
- Strong code-reading and code-review skills, comfortable in Python or Go for tooling work
- Experience working embedded with engineering teams, not as an external gating function
- AI security knowledge, including model risk, prompt injection, and agent governance. This is a growing area for us
- Experience translating technical security concepts, decisions, and trade-offs into terms non-technical audiences across the firm can act on
- Low ego, high empathy, and the capacity to collaborate effectively with diverse teams
The anticipated salary range for this role is between $243,000 - $284,000, actual starting pay may vary based on a range of factors which can include experience, skills, and scope.
This role is eligible to participate in the a16z carry program and various discretionary bonus programs as well as benefit and perquisite plans including health, dental, vision, disability, life insurance, 401K plan, vacation, and sick leave.
