About the RoleYou will architect the core security foundation of our program: protecting our infrastructure, securing our product, and building the compliance posture that closes deals. This is a build-from-scratch role, not a maintain-and-operate one.
What You'll Do- Contribute to the design and evolution of the security program (cloud infrastructure, product security, identity, and risk management).
- Architect and implement the technical tooling and automation for incident response and forensics.
- Lead compliance audits and security reviews; build the trust posture that enables enterprise sales
- Embed security into the SDLC: threat modeling, design reviews, and pre-launch sign-offs
- Set guardrails for cloud security, own IAM and Zero Trust principles across internal systems
- Manage security vendors and tooling; own the signal, not just the subscriptions
- Report on risk and posture to leadership; grow security culture across engineering
What We're Looking ForRequired1. Architecture & Engineering Foundation:- 4+ years in security engineering or architecture at a B2B SaaS or enterprise software company, with a strong engineering background and proven experience developing enterprise software or systems.
- Strong written communication: translates technical risk into business language for customers and executives.
2. Product & Cloud Security Expertise:- Hands-on cloud security in (Azure/AWS/GCP): IAM design, network segmentation, CSPM tooling, security monitoring.
- Experience securing multi-tenant SaaS: data isolation, RBAC/ABAC, API security.
- Familiarity with security tooling across the stack: CSPM, SIEM, EDR, vuln scanning, secrets management.
- Experience with AI/ML application security: prompt injection, data pipeline integrity, model API abuse.
3. Compliance & Customer Engagement:- Deep familiarity with major compliance frameworks (e.g. SOC 2, HIPAA, GDPR, ISO 27001) and proven experience contributing to the audit/certification process.
- Comfortable serving customers with different compliance maturity, knows what a mid-market customer needs vs. a Fortune 500 security team.
Nice to have- Broader compliance exposure (ISO 42001, FedRAMP, PCI-DSS)
- Prior experience as a founding security hire, comfortable building from a blank page
- CISSP, CISM, CCSP, or a cloud security specialty certification
Why Join Us- You will design the security program from the ground up, the decisions you make now will shape the company's posture for years
- Security is a direct revenue driver here, not a cost center, closing enterprise deals faster is a measurable outcome you own
