About Us
We’re a startup with big ambitions: to make estate planning modern, visual, and intelligent. Vanilla is the first AI-powered estate advisory platform, built by advisors, planners, and attorneys to transform how wealth is transferred across generations. Our technology unifies scenario modeling, client visualization, and document creation into one seamless, digital experience.
Our team brings together diverse subject matter expertise across estate planning, wealth management, and scaling SaaS startups. We’re distributed across the U.S., with a mix of fully remote and hybrid roles, and we embrace flexibility while staying closely connected. At Vanilla, you’ll join curious builders and problem-solvers who thrive on speed, autonomy, and impact. Here, you won’t just join a company, you’ll help create it. If you’re excited to tackle hard problems, move quickly, and see your work shape both an industry and a growing startup, we’d love to meet you.
Working Location
This role is a remote position, you must be based out of one of the following states: California, Colorado, Connecticut, Florida, Georgia, Idaho, Illinois, Kentucky, Maine, Massachusetts, Minnesota, New Jersey, New York, Ohio, Pennsylvania, Rhode Island, South Carolina, South Dakota, Texas, Utah, Virginia, Washington, or Washington, D.C.
Job Summary
We’re looking for a Senior Security Engineer to help us scale and strengthen our security posture across infrastructure, product, and operations. You’ll work cross-functionally with engineering, product, legal, and compliance teams to ensure our systems meet the highest standards, particularly around frameworks like SOC 2. You’ll also play a hands-on role in proactively identifying vulnerabilities, improving our internal and cloud security processes, and occasionally assisting with customer-facing security conversations.
This role is ideal for someone who enjoys solving complex technical security problems, building scalable tools and processes, and collaborating across teams to drive security initiatives forward.
Responsibilities:
Cloud & Infrastructure Security (Primary)
Design and implement security architecture for cloud environments (AWS/GCP/Azure)
Manage identity and access management (IAM) policies, service accounts, and privilege escalation controls
Implement network security controls (VPCs, security groups, WAF, DDoS protection)
Secure CI/CD pipelines and container orchestration (Kubernetes/ECS security)
Monitor and respond to cloud security events using SIEM/SOAR tools
Conduct threat modeling and security reviews for infrastructure changes
Manage secrets management, key rotation, and encryption at rest/in transit
AI/ML Security (Primary)
Secure AI model training pipelines and inference endpoints
Implement controls against prompt injection, jailbreaking, and model manipulation
Establish data governance for sensitive training data (PII/PHI in estate/financial documents)
Design secure embedding and vector database architectures
Monitor for model abuse, data exfiltration, and adversarial attacks
Implement guardrails and content filtering for AI outputs
Assess third-party AI vendor security (OpenAI, Anthropic, etc.)
Compliance & Governance
Support SOC 2, ISO 27001, or relevant compliance frameworks
Document security controls, runbooks, and incident response procedures
Conduct vendor security assessments
Participate in customer security questionnaires and audits
Required Qualifications:
Must Have:
5-7+ years in security engineering roles
3+ years securing cloud environments (AWS/GCP/Azure) in production
Strong understanding of IAM, network security, encryption, and secrets management
Experience with infrastructure-as-code security (Terraform, CloudFormation)
Container and Kubernetes security experience
Hands-on experience with security tools (SIEM, vulnerability scanners, CSPM)
Demonstrated experience with security assessments: threat modeling, secure code review, vulnerability detection, and remediation
Experience working within compliance frameworks (e.g., SOC 2, ISO 27001) and collaborating with legal, compliance, and engineering teams
Clear and effective communicator, able to explain technical security concepts to both technical and non-technical audiences
Candidates must be legally authorized to work in the United States without the need for sponsorship now or in the future. Vanilla is unable to provide visa sponsorship at this time.
AI/ML Security (can mentor into, but some exposure needed):
Understanding of LLM security risks (OWASP Top 10 for LLM)
Experience securing APIs serving ML models
Familiarity with data privacy in ML contexts (anonymization, data minimization)
Bonus: Experience with RAG architectures, vector databases, or embedding security
Nice to Have:
Experience in fintech, healthcare, or other regulated industries handling sensitive data
Startup/scale-up experience (wearing multiple hats)
Prior incident response or forensics work
The salary range for this role is $180,000 to $210,000. Our compensation packages also include a performance based bonus and equity. Compensation is based on a number of factors and may vary depending on job-related knowledge, skills, and experience.
Benefits:
Flexible paid time off policy and 10 company-wide paid holidays
Parental leave, 4 weeks for all full-time employees and up to 12 weeks for birthing parents
Medical, dental, and vision benefits coverage for employees and their families
401K eligibility after one month of employment
Free estate planning documents
Budget for learning & development and home office setup
Paid parking or transit for hybrid and in office employees
Vanilla Technologies Inc. (dba "Vanilla") provides equal employment opportunities to all employees and applicants for employment and prohibits discrimination and harassment of any type without regard to race, color, religion, age, sex, national origin, disability status, genetics, protected veteran status, sexual orientation, gender identity or expression, or any other characteristic protected by federal, state or local laws. This policy applies to all terms and conditions of employment, including recruiting, hiring, placement, promotion, termination, layoff, recall, transfer, leaves of absence, compensation and training.
Vanilla participates in E-Verify and will provide the federal government with your Form I-9 information to confirm that you are authorized to work in the U.S.
Compensation Range: $180K - $210K
