About this roleAt StackAI, security is at the heart of empowering companies to build AI assistants quickly and securely. We're looking for a hands-on security engineer to design and drive our security strategy across infrastructure, applications, and processes. You'll build and lead a world-class security team, embed security into our development lifecycle, and ensure we meet the highest standards of compliance and customer trust. If you thrive in high-growth environments and want to shape the future of AI security, we'd love to meet you.
Responsibilities- Design and Implement Security Frameworks
Drive the creation and execution of security measures across both infrastructure and application layers (Render.com, Vercel, GCP, Azure, Kubernetes), ensuring StackAI remains secure as we scale rapidly. - Shape the Security Vision
Define and roll out a comprehensive security strategy, embedding best practices across engineering and product teams to safeguard data and systems. - Build and Lead the Security Organization
Recruit, mentor, and manage a high-performing security team while fostering a culture of technical excellence and proactive defense. - Integrate Security into Development
Partner with engineering teams to embed security into CI/CD pipelines and the entire software development lifecycle, making security a core part of how we build. - Manage External Security Partnerships
Oversee relationships with penetration testing firms, compliance auditors, and security vendors to strengthen our defenses and maintain trust. - Support Customer and Partner Trust
Work closely with customer-facing teams to clearly communicate StackAI's security posture, compliance commitments, and incident response readiness. - Harden Third-Party Dependencies
Evaluate and continually improve the security of external tools, APIs, and integrations critical to our platform. - Lead Incident Response
Own the security incident response process, coordinating resolution efforts across teams and implementing long-term preventive measures. - Ensure Compliance and Audit Readiness
Collaborate with operations and legal teams to prepare for audits (e.g., SOC 2, ISO 27001) and uphold top-tier standards for regulatory and vendor security.
Qualifications- Proven Security Expertise
4+ years of hands-on experience in security engineering with success across both infrastructure and application layers. - Leadership in High-Growth Environments
Prior leadership experience in scaling tech companies or startups, ideally in roles that bridged strategy and execution. - Clear and Confident Communication
Ability to translate complex security concepts into clear language for both technical and non-technical audiences. - Strong Risk and Threat Management Skills
Deep background in risk assessment, threat modeling, and vulnerability management. - Cloud and Infrastructure Mastery
Practical experience with GCP, Azure, or AWS, combined with a strong understanding of infrastructure and API-level security. - Secure Development Knowledge
Familiarity with secure coding practices, especially in JavaScript/TypeScript, Go, and Node.js. - DevSecOps and Automation
Experience with modern security tooling and automating testing across build and deployment pipelines.
