About UsWe're living through a fundamental shift in how people discover, evaluate, and purchase products. The next generation doesn't respond to traditional marketing -- they build relationships with brands through authentic social interactions, seek recommendations from communities they trust, and expect personalized experiences that feel human, not corporate.At Nectar Social, we're building the AI-native social operating system that enables this new era of commerce. We believe every social interaction should deepen the relationship between brands and their communities while creating genuine value for both sides.Founded by ex-Meta product and engineering leaders, we've raised over $30M in total capital from investors including GV and True Ventures. We work with brands like Oura Health, Caraway, e.l.f. Cosmetics, Kosas, OLIPOP, and many more. We're building the future of social commerce -- where community, conversation, and commerce converge.The RoleWe're looking for a Security Engineer to own security across our enterprise SaaS platform -- from the design of our deployed applications to the compliance programs that earn the trust of large brands. We handle sensitive social and customer data at scale, and our customers expect enterprise-grade security and rigorous proof of it.As the first Security engineer, you'll have outsized ownership. You'll secure the products we ship, lead the compliance initiatives that unlock enterprise deals, and build the security foundations the rest of the engineering team relies on as we grow.What You'll Be DoingOwn the security of our deployed applications -- threat modeling, secure design reviews, and finding and fixing vulnerabilities across our services and AI infrastructureLead new compliance initiatives (SOC 2, and frameworks like ISO 27001, GDPR, and CCPA as we scale), establishing the controls, policies, and evidence to back themOwn the security side of the sales cycle: complete customer security questionnaires, support enterprise security reviews, and act as our expert in vendor assessmentsBuild and run our vulnerability management, secrets management, identity and access, and security monitoring practicesManage third-party risk and our penetration-testing programWhat We're Looking For5+ years in security engineering, application/product security, or a related role at a software companyStrong application and cloud security fundamentals -- you can reason about the security of real production systems and AI workloads, not just policyHands-on experience leading or operating a compliance program (SOC 2, ISO 27001, or similar) end to endSolid programming skills to build security tooling and automation, and to work credibly alongside engineersComfortable operating in fast-moving startup environments with high ownership and autonomyBonus PointsExperience standing up a security and compliance function at an early-stage or rapidly scaling SaaS companyFamiliarity with our tech stack: AWS, Pulumi, Postgres, ClickHouse, Turbopuffer, or TemporalWhat We OfferCompetitive compensation and early equityHealth, vision, and dental benefits + 401(k) matchClear career growth opportunities as the company scalesFree lunch in the heart of University Ave. in Palo AltoDeep exposure to cutting-edge AI tooling and the opportunity to shape how brands use itA collaborative, ambitious team defining a new category of AI-native marketing infrastructure