About the Role

What You'll Do

• Contribute to the design and evolution of the security program (cloud infrastructure, product security, identity, and risk management).
• Architect and implement the technical tooling and automation for incident response and forensics.
• Lead compliance audits and security reviews; build the trust posture that enables enterprise sales
• Embed security into the SDLC: threat modeling, design reviews, and pre-launch sign-offs
• Set guardrails for cloud security, own IAM and Zero Trust principles across internal systems
• Manage security vendors and tooling; own the signal, not just the subscriptions
• Report on risk and posture to leadership; grow security culture across engineering

What We're Looking For

• 4+ years in security engineering or architecture at a B2B SaaS or enterprise software company, with a strong engineering background and proven experience developing enterprise software or systems.
• Strong written communication: translates technical risk into business language for customers and executives.

• Hands-on cloud security in (Azure/AWS/GCP): IAM design, network segmentation, CSPM tooling, security monitoring.
• Experience securing multi-tenant SaaS: data isolation, RBAC/ABAC, API security.
• Familiarity with security tooling across the stack: CSPM, SIEM, EDR, vuln scanning, secrets management.
• Experience with AI/ML application security: prompt injection, data pipeline integrity, model API abuse.

• Deep familiarity with major compliance frameworks (e.g. SOC 2, HIPAA, GDPR, ISO 27001) and proven experience contributing to the audit/certification process.
• Comfortable serving customers with different compliance maturity, knows what a mid-market customer needs vs. a Fortune 500 security team.

• Broader compliance exposure (ISO 42001, FedRAMP, PCI-DSS)
• Prior experience as a founding security hire, comfortable building from a blank page
• CISSP, CISM, CCSP, or a cloud security specialty certification

Why Join Us

• You will design the security program from the ground up, the decisions you make now will shape the company's posture for years
• Security is a direct revenue driver here, not a cost center, closing enterprise deals faster is a measurable outcome you own