Staff Software Engineer - Security

Flow Engineering

$130K — $180K *
Information Technology
8 - 10 years of experience
Job Overview by Ladders

Qualifications

  • 8+ years in software development, with a focus on secure services in cloud environments.
  • Expertise in application and cloud security (AWS, GCP, or Azure) including identity, access, and data protection.
  • Experience in regulated environments, specifically with SOC 2 implementation; familiarity with export control, ITAR, or FedRAMP.
  • Proficient in threat modeling, secure architecture, and incident response planning.
  • Experience securing AI or LLM systems in production.
  • Self-motivated security leader comfortable in a startup environment.

Responsibilities

  • Own and define security architecture across the platform.
  • Harden application and cloud security, ensuring tenant isolation and data protection.
  • Drive SOC 2 compliance and prepare for defense/aerospace customer certifications.
  • Secure AI systems against vulnerabilities like prompt injection and data leaks.
  • Build essential security tooling for monitoring and vulnerability management.
  • Establish and lead incident response processes, from detection to postmortems.
  • Collaborate with sales and product teams to navigate security reviews for customer confidence.

Benefits

  • Health, dental, and vision coverage.
  • Flexible time off to promote work-life balance.
  • Support for ongoing experimentation and learning in the AI ecosystem.
  • Competitive salary and meaningful equity participation.
Full Job Description
About the role

Our customers in defense, aerospace and more trust us with sensitive systems requirements. That means security is a first-order part of the product, so we're looking for a Staff Software Engineer to own it.

This is our first dedicated security hire, so you'll define the security architecture, harden the platform, and build out the compliance posture. Since LLMs and agentic workflows sit at the center of what we do, you'll also lead how we secure them.
What you'll do
  • Own security architecture across the platform: threat modeling, secure design reviews, and the standards we build against.
  • Harden the full stack, from application security to cloud infrastructure (identity, network, secrets), tenant isolation, and data protection.
  • Drive SOC 2 and get us ready for the certifications defense and aerospace customers ask about, including export control and ITAR.
  • Secure our AI and agentic systems: prompt injection, data leaking through models, what actions agents are allowed to take, and guardrails.
  • Build the security tooling we need across detection, monitoring, vulnerability management, and CI/CD.
  • Stand up incident response and run it, from detection through postmortems.
  • Work with sales and product to get through security reviews and win customer confidence.
About you
  • 8+ years building production software, including running secure services at scale in the cloud.
  • Deep experience in application and cloud security (AWS, GCP, or Azure): identity and access, secrets, network security, data protection.
  • You've owned security in a regulated or high-trust environment and have implemented SOC 2 yourself. Export control, ITAR, or FedRAMP experience is a big plus.
  • Solid on threat modeling, secure architecture, and incident response.
  • You've secured AI or LLM systems.
  • You're comfortable being the security lead at a startup and setting the agenda yourself.
Our stack (AI-leaning)
  • TypeScript/Node.js and Python for AI and backend services.
  • Modern LLM APIs and orchestration libraries for building agentic workflows.
  • Postgres and other managed cloud services for data and state.
How we work & values
  • Speed over everything: prototype AI workflows quickly, then harden what works.
  • Own, downscope, ship, iterate: one clear owner per feature, from prototype to production.
  • Fundamentals done well: evaluation, observability, and safety are part of the first version, not an afterthought.
  • Competitive salary and meaningful equity.
  • Health, dental, and vision coverage.
  • Flexible time off and support for experimentation, learning, and staying current with the AI ecosystem.

Similar Jobs

More Jobs at Flow Engineering

More Information Technology Jobs

Find similar Staff Software Engineer - Security jobs: