Senior Security / Infrastructure Engineer
A.Team is a Series A startup (~70 global employees) that has transformed from a talent platform into an AI Systems Integrator serving Fortune 500 CPG and Retail enterprises. We partner with leading global brands to build and deploy transformative AI solutions that reshape how they operate.
Our mission is to deliver high-impact AI systems at enterprise scale, and that means security and infrastructure excellence are non-negotiable. As we expand our client footprint and pursue strategic partnerships (including Microsoft Azure marketplace integration), we need a security leader who can build our platform security foundation from the ground up.
The Opportunity
This is a zero-to-one platform security role. You will own the security posture for our AI solutions platform, ensuring we meet the rigorous standards required by Fortune 500 enterprises while enabling our engineering team to move fast and deliver value.
Enterprise IT teams are blocking AI deployments that lack compliance and security standards, and that means our security infrastructure directly impacts revenue. You will be the person who lets our leadership "sleep well at night," knowing our platform, our clients' data, and our compliance posture are rock solid.
This role combines hands-on infrastructure engineering with security architecture. You will work closely with our engineering leadership, product team, and enterprise clients to design and implement security solutions that enable rather than obstruct.
What You'll Do
Platform Security & Infrastructure (50%)
Own end-to-end platform security architecture for our AI solutions platform, including identity management, access controls, encryption, and network security.
Design and implement enterprise-grade RBAC (Role-Based Access Control) systems, including integration with client identity providers (Azure Active Directory, Okta, etc.).
Lead our multi-cloud security strategy across AWS (current) and Azure (expansion), ensuring consistent security posture as we scale.
Build and maintain secure infrastructure using Terraform CDK, Kubernetes (EKS/AKS), and modern IaC practices.
Implement secrets management, encryption at rest and in transit, and secure CI/CD pipelines.
Compliance & Governance (30%)
Maintain and enhance our SOC 2 Type II compliance program, working with Vanta for continuous monitoring and audit readiness.
Drive ISO 27001 alignment and prepare for certification as enterprise clients require it.
Conduct security reviews of new features, integrations, and client deployments. Establish SLAs and reporting cadences.
Create and maintain security documentation, policies, and runbooks that satisfy enterprise procurement requirements.
Partner with legal and operations on vendor security assessments, client security questionnaires, and DPAs.
Operations & Reliability (20%)
Establish security monitoring, alerting, and incident response procedures. Be a key member of the on-call rotation for security incidents.
Lead vulnerability management, including regular scanning, prioritization, and remediation tracking.
Provide weekly security status updates to engineering leadership and contribute to client-facing security communications.
Mentor engineers on secure development practices and conduct security-focused code reviews.
Who You Are
Required Experience
5+ years of experience in security engineering, DevSecOps, or infrastructure security roles, with at least 2 years at a senior level.
Proven experience building security programs from scratch or significantly maturing existing programs at a growth-stage company.
Deep expertise with AWS security services (IAM, KMS, Security Hub, GuardDuty, etc.) and infrastructure-as-code (Terraform strongly preferred).
Hands-on experience with Kubernetes security (network policies, RBAC, secrets management, service mesh).
Track record of achieving and maintaining compliance certifications (SOC 2, ISO 27001, HIPAA, or similar).
Technical Requirements
Strong proficiency with cloud security architecture and multi-cloud environments (AWS required, Azure experience highly valued).
Experience with identity federation, SSO, and enterprise identity providers (Azure AD, Okta, SAML, OIDC).
Familiarity with container security, CI/CD security, and supply chain security practices.
Scripting/automation skills (Python, Bash, TypeScript) for security tooling and automation.
Understanding of application security fundamentals and secure development lifecycle practices.
Nice to Have
Experience with AI/ML platform security considerations (model security, data privacy, prompt injection).
Azure security expertise, including Azure Security Center, Defender, and Sentinel.
Experience working with Fortune 500 enterprise security and procurement teams.
Background in data security and privacy regulations (GDPR, CCPA).
Core Competencies
Builder Mindset: You thrive in zero-to-one environments. You can design a security program and also roll up your sleeves to implement it.
Enterprise Fluency: You can navigate complex enterprise security requirements and translate them into actionable technical solutions.
Communication Skills: You write clear documentation and can explain security concepts to non-technical stakeholders, including executives and enterprise clients.
High Judgment: You balance security rigor with business velocity. You know when to enforce strict controls and when to find pragmatic solutions.
Ownership: You take accountability for security outcomes. When something goes wrong, you lead the response and drive improvements.
Our Tech Stack
Cloud: AWS (primary), Azure (expanding). EKS for container orchestration.
Infrastructure: Terraform, Helmfile, EKS, CircleCI.
Secrets: SOPS with KMS encryption. SSM Parameter Store for configuration.
Monitoring: Groundcover, CloudWatch, Vanta for compliance.
Data: MongoDB Atlas, PostgreSQL, RabbitMQ, Pinecone.
Application: TypeScript, Python, Node.js. AI/ML workloads with OpenAI, LangChain.
Impact: Your work directly enables Fortune 500 enterprises to adopt AI. Security is a revenue driver, not a cost center.
Ownership: Build the security function from the ground up. Define processes, choose tools, and shape the culture.
Growth: We are scaling fast. This role can grow into a Head of Security or CISO path as we expand.
Team: Work alongside experienced leaders from top tech companies and enterprise backgrounds.
-
Flexibility: Remote-first culture with a global team. We care about outcomes, not hours.
At A.Team, we believe diverse teams create better products and experiences. We are committed to equal employment opportunities regardless of race, color, ancestry, religion, sex, national origin, sexual orientation, age, citizenship, marital status, disability, gender, gender identity or expression, or veteran status. We are proud to be an equal opportunity workplace.
