About the Role:

We are seeking a pragmatic and strategic Security Engineering Lead or Officer to build and lead our security function from the ground up. As an AI SaaS company serving the semiconductor industry, we are entrusted with sensitive design, model, and infrastructure data. You will be responsible for driving security strategy across our product, infrastructure, compliance, and operations—ensuring we meet and exceed industry standards like SOC 2 and maintain the trust of enterprise customers.

Key Responsibilities:

Product & Cloud Security

• Oversee the security of our cloud-native SaaS platform (AWS-based)
• Design and implement secure practices for LLM model endpoints and microservices
• Manage infrastructure hardening, network segmentation, and secure data flows

Compliance & Governance

• Own the SOC 2 compliance roadmap, audit preparation, and continuous monitoring
• Implement scalable processes for access control, data classification, and retention
• Lead third-party risk management and security reviews

Security Operations

• Establish incident response, disaster recovery, and business continuity plans
• Develop secure SDLC practices and CI/CD pipeline monitoring
• Manage vulnerability scanning, penetration testing, and logging/alerting

Corporate Security

• Lead employee security training, onboarding, and asset management
• Define and enforce device, MDM, and endpoint protection policies

Customer & Stakeholder Engagement

• Act as the face of security in enterprise customer conversations
• Respond to security questionnaires and due diligence requests
• Represent the company in discussions around IP protection, data localization, and export controls

Required Qualifications:

• 8+ years in security leadership roles, with experience in SaaS or cloud-native environments
• Proven experience with SOC 2, ISO 27001, or similar frameworks
• Strong understanding of cloud security architecture (AWS preferred), Kubernetes, and IAM
• Experience building security programs from the ground up with modern security tools
• Excellent communication and ability to influence cross-functional stakeholders

Preferred Qualifications:

• Experience working with enterprise customers in semiconductor, EDA, or high-IP industries
• Exposure to export compliance, ITAR, or data governance for sensitive sectors
• Prior startup experience and ability to thrive in a fast-paced, high-ownership environment

What We Offer:

• Foundational Ownership: A greenfield opportunity to define and lead the entire security function at a high-growth startup from day one.
• Modern Stack & Culture: A cloud-native, microservices-based environment (AWS/Kubernetes) with strong engineering values and high autonomy.
• Enterprise-Grade Challenges: Partner with leading chip design companies on security, compliance, and trust in highly regulated, IP-sensitive domains.