Security Engineer

Security Engineer Profound is on a mission to help companies understand and control their AI presence. We are hiring Security Engineers to own the security posture of our platform, infrastructure, and corporate environment. You will work directly with Engineering and Operations teams to build and maintain the security controls, compliance programs, and threat defenses that protect customer data and enable rapid growth. This role is ideal for someone who sees security as a business accelerator rather than a blocker and who thrives on building practical, scalable security systems from the ground up. As the first dedicated security hire, you will shape how we approach access control, vulnerability management, compliance, and incident response as we scale. WHAT YOU’LL DO - Conduct regular access reviews and enforce least-privilege principles across environments - Build and run a vulnerability management program across infrastructure, applications, and dependencies - Integrate security scanning into CI or CD pipelines including SAST, DAST, SCA, and container image scanning - Triage and respond to security findings from automated tools, bug bounty programs, and third-party assessments - Own SOC 2 Type II continuous compliance, including defining controls, collecting evidence, and closing gaps - Build and maintain security policies, standards, and procedures aligned with operational reality - Conduct risk assessments and maintain a risk register that informs prioritization decisions - Implement detection capabilities using log aggregation, SIEM tooling, and anomaly detection - Conduct post-incident reviews and drive systemic improvements WHO YOU ARE - 5 or more years of experience in security engineering, including experience in high-growth SaaS or infrastructure-heavy environments - Deep understanding of access control models, identity management systems, and authentication protocols such as OAuth, SAML, and OIDC - Hands-on experience building or maintaining a SOC 2 compliance program - Strong knowledge of AWS security services and cloud security architecture including IAM, VPC, CloudTrail, GuardDuty, and Security Hub - Experience integrating vulnerability management tooling into CI or CD workflows - Familiarity with network security fundamentals including firewalls, DNS, VPNs, segmentation, and traffic analysis - Practical scripting skills in Python or Bash for automation of security workflows - Clear communicator who can translate security risks into business terms for engineering, leadership, and customer-facing teams - Systems thinker who understands root causes, blast radius, and scalable control design - Self-directed with strong judgment and comfort operating with significant autonomy - Motivated by building the security foundation for a category-defining AI company NICE TO HAVES - Experience with infrastructure as code security such as Terraform or CloudFormation - Familiarity with data infrastructure security for systems such as ClickHouse or PostgreSQL - Background in penetration testing or application security assessments - Relevant certifications such as CISSP, CCSP, AWS Security Specialty, or similar - Experience with data processing compliance in analytics-heavy environments LOCATION This is an on-site role based in our Union Square, NYC office, designed for builders who thrive on speed, iteration, and meaningful impact. For this role, the expected base salary range is $150,000 to $200,000 (NY). Comp may vary by location. Profound’s total compensation package is designed to be competitive and includes base salary, equity, and a full range of benefits and perks. Final compensation will depend on factors such as your skills, experience, qualifications, and location, and will be determined during the interview process. Our recruiting team will share more details about the full compensation package and benefits as you move through hiring.