Founding Security Enginee
Join Profound, a pioneering force at the intersection of AI and security. We're on a mission to empower companies to truly understand and master their AI presence. As our very first dedicated security hire, you won't just maintain; you'll define and build the entire security posture of our cutting-edge platform, critical infrastructure, and corporate environment from the ground up.
This is a unique opportunity for a visionary security professional who sees security as a strategic enabler, not a roadblock. You'll collaborate directly with our Engineering and Operations teams, embedding robust security controls, compliance programs, and advanced threat defenses into our DNA, ensuring customer trust and fueling our rapid growth. If you're passionate about shaping the future of AI security and thrive on crafting scalable systems from first principles, this role is for you.
What You'll Build & Own Identity & Access Management Architect: Design, implement, and govern robust Role-Based (RBAC) and Attribute-Based Access Control (ABAC) across production systems, cloud infrastructure, and corporate tools. Vulnerability & Application Security Champion: Establish and lead a comprehensive vulnerability management program covering infrastructure, applications, and third-party dependencies. Compliance & Risk Leader: Drive SOC 2 Type II compliance end-to-end, from defining controls and collecting evidence to managing auditor relationships and remediating gaps. Cloud & Infrastructure Guardian (AWS Focus): Secure our AWS infrastructure, including VPC architecture, security groups, IAM policies, and network segmentation. Incident Response & Detection Strategist: Develop and mature our incident response plan, conduct tabletop exercises, and lead incident response efforts when necessary. Who You Are Core Experience: 3 or more years of experience in security engineering, ideally within high-growth SaaS or infrastructure-heavy environments. Leadership & Mindset: Exceptional communication skills, able to translate complex security risks into clear business terms for diverse audiences (engineering, leadership, and customer-facing teams). Bonus Points (Highly Desired): Experience with infrastructure as code (IaC) security, such as Terraform or CloudFormation. Location & Compensation The expected base salary range for this role is $80,000 to $150,000. Profound’s total compensation package is highly competitive, including base salary, substantial equity, and a comprehensive suite of benefits and perks. Final compensation will be determined based on your unique skills, experience, qualifications, and will be discussed transparently during the interview process. Our recruiting team will share more details about the full compensation package and benefits as you move through hiring. Ready to secure the future of AI? Apply now and tell us why you're the foundational Security Engineer we're looking for!
As our foundational Security Engineer, you will:
Lead Identity and Access Management (IAM) initiatives, including SSO, SCIM provisioning, and lifecycle automation for Google Workspace, AWS, and internal systems.
Conduct regular access reviews and relentlessly enforce least-privilege principles across all environments.
Engineer automated workflows for seamless onboarding, offboarding, and role change provisioning.
Integrate advanced security scanning (SAST, DAST, SCA, and container image scanning) directly into our CI/CD pipelines.
Triage and expertly respond to security findings from automated tools, bug bounty programs, and third-party assessments.
Craft and maintain practical security policies, standards, and procedures that align with our operational realities.
Act as a key resource for customer security reviews, vendor assessments, and due diligence processes.
Conduct thorough risk assessments and maintain a dynamic risk register to inform strategic prioritization decisions.
Implement and maintain robust logging, monitoring, and alerting for security-relevant events across cloud and corporate systems.
Oversee physical security controls for the Union Square office, including access management, visitor policies, and asset tracking.
Implement advanced detection capabilities using log aggregation, SIEM tooling, and anomaly detection.
Conduct post-incident reviews and drive continuous systemic improvements.
We're looking for a highly motivated and skilled Security Engineer with:
Deep understanding of access control models, identity management systems, and authentication protocols such as OAuth, SAML, and OIDC.
Hands-on experience building or maintaining a SOC 2 compliance program.
Strong knowledge of AWS security services and cloud security architecture, including IAM, VPC, CloudTrail, GuardDuty, and Security Hub.
Demonstrated ability to integrate vulnerability management tooling into CI/CD workflows.
Solid understanding of network security fundamentals, including firewalls, DNS, VPNs, segmentation, and traffic analysis.
Practical scripting skills in Python or Bash for automation of security workflows.
A true systems thinker who understands root causes, blast radius, and can design scalable controls.
Self-directed, possessing strong judgment and comfort operating with significant autonomy in a fast-paced environment.
Motivated by the profound opportunity to build the foundational security for a category-defining AI company.
Familiarity with data infrastructure security for systems such as ClickHouse or PostgreSQL.
Background in penetration testing or application security assessments.
Relevant certifications such as CISSP, CCSP, AWS Security Specialty, or similar.
Experience with data processing compliance in analytics-heavy environments.
This is an on-site role, designed for builders who thrive on speed, iteration, and meaningful impact, based in our vibrant Union Square, NYC office. We are proud to support visa sponsorship for qualified international candidates.