TwelveLabs is hiring a Staff Security Engineer

Responsibilities

• Partner with the lead security engineer to identify risk, build controls, and drive security initiatives across the organization
• Perform security assessments, penetration testing, and code reviews to find and remediate vulnerabilities across our applications and infrastructure
• Integrate security tooling and controls into CI/CD pipelines and software development workflows, shifting security left without slowing teams down
• Help design and enforce cloud security architecture across our AWS environment, including IAM, WAF, network segmentation, encryption, and runtime threat detection
• Develop and continuously improve security monitoring, logging, and alerting capabilities to support incident detection and response
• Participate in the security on-call rotation and assist with incident response and investigation as needed
• Contribute to compliance efforts across SOC 2, GDPR, CMMC/NIST, etc., including audit support and policy development
• Help secure AI/ML pipelines, model training infrastructure, and model artifacts including weights and deployment code
• Build and maintain internal security tooling and automation to scale our program without scaling headcount
• Partner with engineering, infrastructure, and IT to embed security practices directly into development and delivery workflows

Requirements

• Bachelor's or Master's in Computer Science, cybersecurity, or equivalent experience
• 8+ years in security, with hands-on experience across multiple domains rather than a single specialty
• Proven experience with cloud infrastructure security on AWS, including multi-account design, IAM, network segmentation, and runtime threat detection
• Solid understanding of Linux, networking, security monitoring, intrusion detection and response, authentication and access control, and security protocols
• Proven experience with web application security assessments and penetration testing
• Experience with Terraform or other IaC/configuration management tools
• Familiarity with compliance frameworks like SOC 2, GDPR, and CMMC, including audit support
• Experience building internal security tooling
• Familiarity with securing AI/ML pipelines, model training infrastructure, or model artifacts (weights, serving infrastructure, or deployment code)
• Strong communication skills and the ability to drive security initiatives cross-functionally without direct authority
• U.S. Citizenship

Nice to Have

• Have experience securing Kubernetes environments
• Have hands-on experience implementing and administering a cloud security platform like Wiz or Tenable for security posture management, workload protection, and vulnerability visibility
• Have hands-on offensive security or red team experience
• Have worked at an AI or ML company and understand the threat landscape around model artifacts and pipelines
• Run a home lab or pursue self-directed security research in your spare time

Benefits

• An open and inclusive culture and work environment.
• Work closely with a collaborative, mission-driven team on cutting-edge AI technology.
• Full health, dental, and vision benefits
• Extremely flexible PTO and parental leave policy. Office closed the week of Christmas and New Years.

Work Arrangement

Hybrid

Additional Information

• Candidates must be able to travel up to 10% of the time annually to attend conferences, off-site meetings, and other business-related events as required by the role.
• This role may require participation in on-site interviews and/or completion of in-person onboarding processes.