The RoleAs a Senior Platform Engineer, with an emphasis on Security, your main mission is to build out Doxel's internal platform and define the golden paths that engineers rely on, replacing today's hand-rolled infra. Own cloud security posture on GCP, bake security into CI/CD and the supply chain, and help shape how Doxel uses AI safely.
What You'll Do- Work with DevOps team to build out golden paths that streamline developer and builder workflows streamlining and applying shift left security policies on CI/CD deployment, internal tooling, LLM, and data science workflows
- Own cloud security posture on Google Cloud, landing-zone guardrails, least-privilege IAM, secrets and key management, codified as infrastructure-as-code so secure defaults are baked into golden paths rather than bolted on after
- Continuously evaluate attack surfaces across the application, infrastructure, and cloud, prioritize findings by exploitability and blast radius, and feed the highest-leverage fixes back into the platform
- Set and enforce AI-usage best practices, guardrails for agentic coding tools internally and Provide a security point of view on product AI/LLM features (prompt injection, data egress, model supply chain), in partnership with engineering leadership
- Action on improving security and compliance through a risk based approach implementing SOC2, ISO27001, and ISO27701 security and compliance frameworks.
Drive adoption and raise the security bar across engineering through better defaults, not mandates.
What You Bring- 6+ years in platform engineering, infrastructure/DevOps, or site reliability, with real depth building infrastructure, not just operating it
- Strong infrastructure-as-code skills (Terraform) and a track record of replacing ad hoc infra with reusable, self-service patterns
- Hands-on cloud depth, ideally Google Cloud (AWS or Azure translates), including IAM, networking, and least-privilege design
- Strong experience with Kubernetes and containerized workloads in production.
Practical experience embedding security tooling into CI/CD (SAST, SCA, secret scanning, supply chain controls) and building secure-by-default pipelines - Strong programming or scripting ability (Python, Go, or similar) for building platform and automation tooling
- A security mindset: you design for least privilege and think about how things get abused, even when security is not the headline of the task
- Demonstrated ability to drive platform adoption and influence engineering teams without formal management authority.
Preferred- Experience standing up an internal developer platform or paved-road program from scratch
- Working knowledge of AI/LLM security risks and a point of view on using AI tools safely
- SOC 2, ISO 27001, or similar compliance experience in a fast-moving company.
- Experience securing data warehouses or large data pipelines (Snowflake a plus)
- Familiarity with construction tech, BIM/3D data, or other domain-rich data products
$175,000 - $220,000 a year
Doxel provides comprehensive health/dental/vision benefits for employees and their families including an Unlimited PTO policy, a 401(k) program, and a flexible work environment among other benefits.