Sr. Security Engineer

Architect and build Intenseye’s security program end-to-end: cloud infrastructure security, application security, data protection, endpoint, and identity.

Own our compliance roadmap—including SOC 2 Type II, ISO 27001, and GDPR—and drive it to completion, partnering with legal, finance, and customer success.

Embed security into the SDLC: define secure coding standards, introduce SAST/DAST tooling, and partner with engineering to make secure-by-default the norm.

Build and run incident response: design our monitoring and alerting stack, write the playbooks, and lead the response when things go wrong.

Own IAM strategy across internal systems, cloud infrastructure, and customer-facing platforms.

Lead threat modeling and vulnerability management—working with engineering to prioritize and remediate across a complex, globally distributed system.

Be the face of security to enterprise customers: own security questionnaires, due diligence reviews, and executive-level conversations about our security posture.

Advise the CTO and executive team on security risk, investment, and strategy as the function matures.

8+ years in security engineering, with meaningful experience owning or significantly shaping a security function—not just executing within one.

Deep hands-on expertise in cloud security (GCP strongly preferred): network security, IAM, secrets management, container security (Kubernetes/Docker), and cloud-native threat detection.

Strong application security fundamentals: OWASP Top 10, secure SDLC, API security, and experience integrating SAST/DAST into CI/CD pipelines.

Proven experience driving a compliance program through completion (SOC 2 Type II, ISO 27001, or equivalent)—not just supporting it.

Solid grasp of data privacy (GDPR, CCPA) and the ability to work cross-functionally with legal and GTM teams on customer-facing requirements.

Experience with modern security tooling: SIEM, EDR, CSPM, vulnerability scanners (e.g., Wiz, Crowdstrike, Datadog Security, or equivalents).

Demonstrated ability to communicate security risk at the executive level—written and verbal.

Experience leading a cross-functional initiative.

Prior startup experience is required- high ownership, high velocity, pragmatic judgment.

Experience securing physical hardware deployments: device hardening, firmware security, secure boot, and managing the security lifecycle of hardware deployed in customer environments.

Bonus: experience with AI/ML platform security, industrial IoT, or edge computing environments;