Vanilla Technologies is hiring a Senior Security Engineer to scale and strengthen our security posture across infrastructure, product, and operations. In this role, you will work cross-functionally with engineering, product, legal, and compliance teams to ensure our systems meet high standards, proactively identify vulnerabilities, and improve internal and cloud security processes.
What You'll Do
- Design and implement security architecture for cloud environments (AWS/GCP/Azure).
- Manage identity and access management (IAM) policies, service accounts, and privilege escalation controls.
- Implement network security controls (VPCs, security groups, WAF, DDoS protection).
- Secure CI/CD pipelines and container orchestration (Kubernetes/ECS security).
- Monitor and respond to cloud security events using SIEM/SOAR tools.
- Conduct threat modeling and security reviews for infrastructure changes.
- Manage secrets, key rotation, and encryption at rest/in transit.
- Secure AI model training pipelines and inference endpoints.
- Implement controls against prompt injection, jailbreaking, and model manipulation.
- Establish data governance for sensitive training data (PII/PHI).
- Design secure embedding and vector database architectures.
- Monitor for model abuse, data exfiltration, and adversarial attacks.
- Implement guardrails and content filtering for AI outputs.
- Assess third-party AI vendor security (OpenAI, Anthropic, etc.).
- Support SOC 2, ISO 27001, or relevant compliance frameworks.
- Document security controls, runbooks, and incident response procedures.
- Conduct vendor security assessments.
- Participate in customer security questionnaires and audits.
- Act as a security point of contact to address customer needs.
What We're Looking For
- 5-7+ years in security engineering roles.
- 3+ years securing cloud environments (AWS/GCP/Azure) in production.
- Strong understanding of IAM, network security, encryption, and secrets management.
- Experience with infrastructure-as-code security (Terraform, CloudFormation).
- Container and Kubernetes security experience.
- Hands-on experience with security tools (SIEM, vulnerability scanners, CSPM).
- Demonstrated experience with security assessments: threat modeling, secure code review, vulnerability detection, and remediation.
- Experience working within compliance frameworks (e.g., SOC 2, ISO 27001) and collaborating with legal, compliance, and engineering teams.
- Clear and effective communicator, able to explain technical security concepts to both technical and non-technical audiences.
- Candidates must be legally authorized to work in the United States without the need for sponsorship now or in the future.
Nice to Have
- Understanding of LLM security risks (OWASP Top 10 for LLM).
- Experience securing APIs serving ML models.
- Familiarity with data privacy in ML contexts (anonymization, data minimization).
- Experience with RAG architectures, vector databases, or embedding security.
- Experience in fintech, healthcare, or other regulated industries handling sensitive data.
- Startup/scale-up experience (wearing multiple hats).
- Prior incident response or forensics work.
Technical Stack
- AWS, GCP, Azure, IAM, VPC, WAF
- Kubernetes, ECS, SIEM, SOAR
- Terraform, CloudFormation, OpenAI, Anthropic
Team & Environment
You will work cross-functionally with engineering, product, legal, and compliance teams.
Benefits & Compensation
- Compensation: $180,000 to $210,000 + equity.
- Flexible paid time off policy and 10 company-wide paid holidays.
- Parental leave: 4 weeks for all full-time employees and up to 12 weeks for birthing parents.
- Medical, dental, and vision benefits coverage for employees and their families.
- 401(k) eligibility after one month of employment.
- Free estate planning documents.
- Budget for learning & development and home office setup.
- Paid parking or transit for hybrid and in-office employees.
Work Mode
This is a remote position open to candidates in: California, Colorado, Connecticut, Florida, Georgia, Idaho, Illinois, Kentucky, Maine, Massachusetts, Minnesota, New Jersey, New York, Ohio, Pennsylvania, Rhode Island, South Carolina, South Dakota, Texas, Utah, Virginia, Washington, Washington, D.C.
Vanilla Technologies Inc. provides equal employment opportunities to all employees and applicants for employment and prohibits discrimination and harassment of any type without regard to race, color, religion, age, sex, national origin, disability status, genetics, protected veteran status, sexual orientation, gender identity or expression, or any other characteristic protected by federal, state or local laws.


