Partner with the lead security engineer to identify risk, build controls, and drive security initiatives across the organization
Perform security assessments, penetration testing, and code reviews to find and remediate vulnerabilities across our applications and infrastructure
Integrate security tooling and controls into CI/CD pipelines and software development workflows, shifting security left without slowing teams down
Help design and enforce cloud security architecture across our AWS environment, including IAM, WAF, network segmentation, encryption, and runtime threat detection
Develop and continuously improve security monitoring, logging, and alerting capabilities to support incident detection and response
Participate in the security on-call rotation and assist with incident response and investigation as needed
Contribute to compliance efforts across SOC 2, GDPR, CMMC/NIST, etc., including audit support and policy development
Help secure AI/ML pipelines, model training infrastructure, and model artifacts including weights and deployment code
Build and maintain internal security tooling and automation to scale our program without scaling headcount
Partner with engineering, infrastructure, and IT to embed security practices directly into development and delivery workflows

Bachelor's or Master's in Computer Science, cybersecurity, or equivalent experience
8+ years in security, with hands-on experience across multiple domains rather than a single specialty
Proven experience with cloud infrastructure security on AWS, including multi-account design, IAM, network segmentation, and runtime threat detection
Solid understanding of Linux, networking, security monitoring, intrusion detection and response, authentication and access control, and security protocols
Proven experience with web application security assessments and penetration testing
Experience with Terraform or other IaC/configuration management tools
Familiarity with compliance frameworks like SOC 2, GDPR, and CMMC, including audit support
Experience building internal security tooling
Familiarity with securing AI/ML pipelines, model training infrastructure, or model artifacts (weights, serving infrastructure, or deployment code)
Strong communication skills and the ability to drive security initiatives cross-functionally without direct authority
U.S. Citizenship

Have experience securing Kubernetes environments
Have hands-on experience implementing and administering a cloud security platform like Wiz or Tenable for security posture management, workload protection, and vulnerability visibility
Have hands-on offensive security or red team experience
Have worked at an AI or ML company and understand the threat landscape around model artifacts and pipelines
Run a home lab or pursue self-directed security research in your spare time

An open and inclusive culture and work environment.
Work closely with a collaborative, mission-driven team on cutting-edge AI technology.
Full health, dental, and vision benefits
Extremely flexible PTO and parental leave policy. Office closed the week of Christmas and New Years.

Hybrid

Candidates must be able to travel up to 10% of the time annually to attend conferences, off-site meetings, and other business-related events as required by the role.
This role may require participation in on-site interviews and/or completion of in-person onboarding processes.

TwelveLabs is hiring a Staff Security Engineer

Similar Jobs