Principal Security Engineer – DevSecOps and Security Architect

The Role

As a Principal Security Engineer, you will partner closely with engineering teams to design and implement secure development practices, integrate security into our CI/CD pipeline, and lead security and design reviews.

You’ll bring deep expertise in DevSecOps, application security, hands-on experience securing web applications and APIs, and a strong understanding of modern development workflows. This is a unique opportunity to shape the future of our security program while working in a high-ownership, high-impact environment.

What you will do

• Architect and integrate security tooling directly into CI/CD pipelines to automate the detection and prevention of vulnerabilities, ensuring "shift-left" security at scale.
• Lead threat modeling and secure design reviews for web applications, APIs, and cloud services.
• Oversee the end-to-end product vulnerability lifecycle, from issue triage, prioritization, remediation support, with clear risk communication.
• Drive secure coding standards, develop playbooks, and provide hand-on training and mentorship to instill a security-first mindset across the organization.
• Design and scale secure development practices by collaborating cross-functionally with engineering teams throughout the entire software lifecycle.
• Engage with customers during security reviews

What you bring to the table

• 10+ years in security, with a focus on DevSecOps and security design reviews
• Hands-on experience with secure coding, OWASP Top 10, threat modeling, and SDLC integration
• Experience with GitHub/GitLab, CI/CD, IaC, and containerized environments
• Experience deploying and working with SAST tooling (e.g. Semgrep, Snyk)
• Experience developing in Python and Go.
• Track record of balancing pragmatism and security rigor in a fast-paced setting
• Strong communication skills

Nice to Have Skills

• Understanding of AI security fundamentals and how application security and AI security intersect
• Experience securing cloud infrastructure
• Participation in bug bounty programs and managing security disclosure
• Familiarity with the BSIMM framework
• Experience in cloud security including identity and access management and cloud-native services.

What we offer

Build what actually matters

Help shape an AI-native engineering company at a formative stage, tackling problems that genuinely matter for industry and society. This is work with real-world impact - and something you can be proud to stand behind.

Learn alongside exceptional people

Work with a high-caliber, collaborative team of engineers, scientists, and operators who care deeply about doing great work, and about helping each other get better. We come from diverse backgrounds, but we share a commitment to operating at the highest level and addressing some of the most complex challenges out there. If you’re ambitious, thoughtful, and driven by impact, you’ll feel at home.

Influence over hierarchy

We operate with a flat structure: good ideas win - wherever they come from. Questioning assumptions and challenging the status quo isn’t just welcomed, it’s expected.

Sustainable pace, long-term ambition

Building meaningful technology is a marathon, not a sprint. We believe in balancing focused, ambitious work with a life beyond it. Our hybrid model blends time together in our New York office with work-from-home days, giving you the flexibility to work sustainably while staying connected in person.

UK Benefits:

Equity options; 10% pension employer contribution; 25 days holiday plus public holidays; private health insurance; enhanced parental leave; free lunch onsite

US Benefits:

🚀 Equity options - share meaningfully in the company you’re helping to build.

💰 5% contribution to 401(k) - build long-term security with a strong retirement plan.

🍽️ Free team lunch 1x/week - good food, great company, and space to connect.

🏥 Private health insurance – comprehensive cover for you, offering total peace of mind.

👶 Enhanced parental leave – 3 months full pay paternity and 6 months full pay maternity leave, to provide extra flexibility during the moments that matter most.

☀️ 20 days of Annual Leave (+ Public Holidays) - because taking time to rest matters.

📈 Personal development – dedicated support for learning, development, and leveling up over time.

💪 Gympass / Wellhub (subsidized) – for you and up to 3 family members, supporting both physical and mental wellbeing.

💳 Flexible Spending Account (FSA) – set aside pre-tax dollars for eligible healthcare expenses.

🔎 Watch this space, we’re continuing to build this as we grow…

Salary for this position in the USA is from $200,000 to $300,000