Founding Security Engineer
Location
United States + 1 moreAll locations: United States, Canada
Posted
1 day ago
Salary
Not specified
Job Description
Role Description
We’re looking for a Founding Security Engineer to build and lead our security program as we scale from Series A toward Series B. This is a hands-on role with leadership trajectory. You will work directly with our engineering and platform teams to design secure systems, lead compliance efforts, and establish the foundations of a mature security program. The person in this role is expected to grow into Head of Security as the company scales. If you enjoy building security from the ground up, working closely with engineers, and helping a company achieve enterprise-grade security posture, this role is for you.
What You’ll Own
-
Security Architecture & Engineering
- Embed security-by-design into our platform and infrastructure.
- Partner with engineering to implement DevSecOps practices and automated security testing.
- Conduct architecture reviews, threat modeling, and security assessments.
- Implement security tooling across cloud infrastructure and CI/CD pipelines.
-
Compliance & Trust
- Lead security certification initiatives such as ISO 27001 and SOC 2.
- Own customer security questionnaires and security reviews with enterprise clients.
- Develop and maintain security policies, controls, and documentation.
-
Security Operations
- Manage vulnerability management and security patching processes.
- Coordinate penetration testing and remediation programs.
- Introduce automated and AI-assisted security testing tools.
-
Security Program Development
- Establish risk management and security governance practices.
- Build business continuity and disaster recovery programs aligned with ISO 22301.
- Develop the foundations for a future security team.
Qualifications
- 5–8+ years experience in cybersecurity, security engineering, or cloud security.
- Strong understanding of modern cloud security architectures (AWS/GCP/Azure).
- Experience implementing or supporting ISO 27001, SOC 2, or similar frameworks.
- Hands-on experience with DevOps / DevSecOps practices.
- Familiarity with penetration testing, vulnerability management, and threat modeling.
- Ability to work closely with engineering teams and leadership.
Bonus Experience
- Experience building security programs in high-growth startups.
- Experience with container security, Kubernetes, and infrastructure-as-code.
- Experience with red team / blue team exercises.
- Familiarity with AI-driven security tools or automated pentesting platforms.
Job Requirements
- 5–8+ years experience in cybersecurity, security engineering, or cloud security.
- Strong understanding of modern cloud security architectures (AWS/GCP/Azure).
- Experience implementing or supporting ISO 27001, SOC 2, or similar frameworks.
- Hands-on experience with DevOps / DevSecOps practices.
- Familiarity with penetration testing, vulnerability management, and threat modeling.
- Ability to work closely with engineering teams and leadership.
- Bonus Experience
- Experience building security programs in high-growth startups.
- Experience with container security, Kubernetes, and infrastructure-as-code.
- Experience with red team / blue team exercises.
- Familiarity with AI-driven security tools or automated pentesting platforms.
Related Guides
Related Categories
Related Job Pages
More Security Engineer Jobs
The intern will assist with supporting the assigned area, gaining practical application experience, and expanding their knowledge and skills base by performing job-specific tasks to assist with operations. They will also have the opportunity to observe the workplace and gain industry knowledge.
Senior Security Engineer I – Identity Access Management
CDWCDW is a leading multi-brand provider of information technology solutions to business, government, education, and healthcare customers in the United States, the United Kingdom, and Canada. A Fortune 500 company and member of the S&P 500 Index, CDW helps its customers to navigate an increasingly complex IT market and maximize return on their technology investments. Together, we unite. Together, we win. Together, we thrive. CDW is an equal opportunity employer. All qualified applicants will receive consideration for employment without regards to race, color, religion, sex, sexual orientation, gender identity, national origin, disability status, protected veteran status or any other basis prohibited by state and local law. CDW is committed to fostering an equitable, transparent, and respectful hiring process for all applicants.
Security Engineer managing IAM solutions for a Fortune 500 technology provider
Security/Compliance Engineer
ExcentiumExcentium is a Service-Disabled Veteran-Owned Small Business (SDVOSB) providing cybersecurity and IT services to federal agencies. We hold FedRAMP 3PAO accreditation, CMMC Level 2 certification, and maintain facility clearances supporting our mission-critical work across government. We take pride in building a workforce with strong Veterans focus.
Lead security compliance and ATO activities for a major government healthcare organization's ServiceNow implementation. Ensure the solution meets FedRAMP High requirements and federal security standards. Lead Authority to Operate (ATO) package development and submission Coordinat...
Chief Information Security Officer
Nsight HealthAt Nsight Health, you’ll be part of a fast-growing organization that sits at the intersection of healthcare, technology, and compassion. We’re looking for people who care deeply about improving patient lives and building the future of connected care. Our team culture is collaborative, agile, and purpose-driven. Every role—from clinical operations and customer success to marketing, technology, and leadership—directly contributes to improving how healthcare organizations care for their patients.
We are seeking a visionary yet pragmatic Chief Information Security Officer (CISO) to build and own Nsight Health’s security and compliance function from the ground up. As we scale our AI-powered healthcare platform, we require a leader who views security not as a blocker, but ...
