Founding Security Engineer

Overview

Founding Security Engineer  will not just maintain a security checklist; you will define the posture, architecture, and practices that keep our products and infrastructure secure in the most demanding environments. You will be both hands-on and strategic, building controls, automating compliance, and working directly with customers, auditors, and internal teams to inspire confidence in our platform. This is a high-visibility, high-ownership role: you will be Sift’s first security hire, laying the foundation of our security program and growing it into a dedicated function as the company scales.

Technical Security

• Build secure CI/CD pipelines with embedded scanning.
• Operate and tune SIEM/EDR (ELK, Datadog, Splunk, Crowd Strike, Prometheus, Grafana). Secure multi-cloud environments (AWS Gov Cloud, Kubernetes, on-prem).
• Implement zero-trust networking and modern SASE/ZTNA approaches.
• Improve visibility and observability across networks and workloads.

Compliance

• Partner with external compliance firms to align Sift with SOC 2, ISO 27001, NIST 800-171, FedRAMP, and CMMC.
• Support third-party/vendor security assessments.
• Support readiness for audits and customer/government reviews by providing technical evidence and controls.
• Provide company-wide security awareness training focused on secure development and operations practices.

Technical Skills

• 5+ years in cybersecurity, product security, or cloud security roles, ideally in high assurance or regulated industries.
• Hands-on experience securing AWS or an equivalent cloud service provider (Gov Cloud preferred) and Kubernetes-based environments, with strong infrastructure as code practices.
• Familiarity with compliance frameworks and experience partnering with compliance specialists to implement technical controls.
• Deep understanding of network, endpoint, and identity security principles.
• Experience with security tooling and integration into operational workflows.
• Ability to translate abstract security and regulatory requirements into clear, actionable engineering work.
• Experience handling customer-facing security reviews and responding to technical security inquiries.

Soft Skills

• Clear communicator with both technical and non-technical stakeholders.
• Customer-facing presence for audits and enterprise assurance.
• Collaborative partner to infra and product teams.
• High ownership and adaptability in ambiguous, fast-moving environments.
• Integrity and trustworthiness, handling sensitive data, and compliance matters with discretion.
• Excited to operate as a team of one early on, with the vision to build and lead a security function over time.

Location:

Sift’s headquarters is in El Segundo, CA. We collaborate in person twice a week—on Mondays and Thursdays—and come together for a full week every two months. While we prefer team members to be local, relocation to LA is possible or remote work from the San Francisco area may be considered for the right candidate.

Salary range: $170,000 - $220,000 per year. Plus equity and benefits.

US Person

Required:

Must be a U.S. Citizen or Green Card Holder due to ITAR/EAR compliance requirements.