Senior/Founding Security Engineer

Code Red is partnered with a well-backed & fast-growing AI automation startup that's looking to bring on a Senior / Founding Security Engineer.

About the Team: Started as a side project built by two ex-Big Tech engineers and have grown into a category-defining product in under two years, with major enterprise customers and significant institutional backing (Series B). The team is small by design- everyone has real ownership & is part of shaping direction.

About the Role

You'll be the first (and for a while, the only) security hire. That means you'll own the full security posture: application security, cloud infrastructure, AI/LLM-specific risks, and incident response. You'll report directly to the CTO and be supported by an experienced vCISO who will act as a strategic mentor and force multiplier.

What we're looking for:

First and foremost: a builder. You reach for code before process docs, and you automate what others would staff. Beyond that:

• Deep application security chops: secure SDLC, code review, OWASP Top 10, multi-tenant SaaS

Looking to advance your Cyber Security career with relocation support? Explore Cyber Security Jobs with Relocation Packages that include comprehensive packages to help you move and settle in your new role.

• Infra & Cloud security fundamentals and CSPM tooling (GCP preferred)
• Deep breadth across core cybersecurity pillars- looking for a true generalist
• Comfortable in containerized, microservices environments (Kubernetes, Docker)
• Strong ownership instinct: you move from strategy to execution without hand-holding
• Ideal/Bonus: background transitioning from SWE into product or application security

What you'll do:

• Own code review, cloud infrastructure hardening, and incident response end-to-end
• Hunt for broken auth, missing RBAC, and OWASP risks across PRs and the broader codebase

Discover our full range of relocation jobs with comprehensive support packages to help you relocate and settle in your new location.

• Map the full attack surface and build a living risk model across the product and integrations
• Automate security into CI/CD pipelines using AI-driven tooling
• Secure AI-generated code and build defenses against LLM-specific attack vectors
• Run the vulnerability management lifecycle with clear SLAs from intake to remediation
• Evaluate and operate CSPM tooling; own finding and fixing high/critical issues

What we offer:

• Competitive Bay Area salary + meaningful equity (benchmarked against 2025 SF Series A norms)

Interested in relocating to United State? Check out our comprehensive Relocation Jobs in United State page with detailed relocation packages and benefits.

• Full health, dental, and vision coverage
• Paid relocation + one month of temporary housing
• Direct CTO reporting line and real influence on product direction
• Mentorship from an experienced vCISO

Interview Process:

• Recruiter screen (30 min - virtual)
• CTO intro call (30 min - virtual)
• Technical Assessment (45 min - virtual with a peer engineer)
• Onsite (3 hours in-person)