Senior Security Engineer

Qualified is the Agentic Marketing Platform for B2B companies. With Piper the AI SDR Agent, Qualified offers a whole new way to grow inbound pipeline. Piper operates across both the website and email, working to engage website visitors, capture leads, and convert buyers into pipeline around the clock. Hundreds of the worlds leading brands including Crunchbase, Asana, Box, and Grubhub choose Qualified to increase lead conversions, generate more meetings, and improve efficiency within their inbound pipeline motion.

We're looking for a deeply experienced Senior Security Engineer to establish and lead our security engineering function as our first dedicated security engineer hire. You'll serve as the security champion for our 50+ person engineering organization, partnering closely with our platform, infrastructure, and engineering leadership teams to mature and enhance our existing security posture.

This is a foundational role where you'll have the opportunity to evolve our security strategy, strengthen existing security controls, and establish advanced security practices across our entire technology stack. You'll drive initiatives that protect our AI-powered platform, customer data, and business operations while enabling safe, high-velocity development. If you're passionate about building robust security programs, love solving complex security challenges, and enjoy elevating security awareness across engineering teams, this role is for you.

• Evolve and Mature Security Practices: Build upon our existing security foundation by designing and implementing advanced security controls, policies, and practices that scale with our growth and align with industry best practices.
• Drive Proactive Security Assessments: Systematically identify security vulnerabilities and weak points across our systems through threat modeling, security reviews, and risk assessments. Develop and execute comprehensive remediation roadmaps.
• Partner with Corporate Security: Collaborate closely with our corporate security team to align technical security initiatives with broader organizational security policies, compliance requirements, and risk management objectives.
• Secure the Platform & Infrastructure: Work hand-in-hand with our platform and infrastructure teams to harden cloud environments, implement security automation, and build security into our CI/CD pipelines and deployment workflows.
• Implement Security Tooling & Monitoring: Deploy and manage security tools including SAST/DAST scanners, vulnerability management systems, security monitoring, and incident response capabilities.
• Incident Response & Forensics: Lead security incident response efforts, conduct post-incident analysis, and continuously improve our security incident handling capabilities.

• 6+ years of software engineering experience with 3+ years in security engineering, application security, or infrastructure security roles, with proven experience building security programs at high-growth technology companies.
• Deep cloud security expertise with AWS, Kubernetes, and cloud-native security tools.
• Experience securing containerized environments.
• Strong application security background including secure code review, vulnerability assessment, penetration testing, and familiarity with OWASP Top 10 and common attack vectors.
• Infrastructure security experience with network security, identity and access management (IAM), secrets management, and security automation using infrastructure-as-code.
• Strong communication and collaboration skills; able to translate complex security risks into business impact and work effectively with engineering teams to drive security improvements.
• Regulatory and compliance knowledge with frameworks like SOC 2, ISO 27001, GDPR, and experience implementing technical controls to meet compliance requirements.

Foundational Impact: As our first security hire, you'll mature our security program and directly shape how we approach advanced security practices across all aspects of our business.

High-Growth Environment: Join us at a pivotal stage where you can establish security best practices that will scale with…