Security Engineer
Listed on 2026-07-17
-
Security
Cybersecurity
About the Role
We are looking for a strong security engineer to join our team at Vals AI. You will be a generalist, handling tasks on both product and corporate security alike. The role will require a high degree of ownership, autonomy, and responsibility, and will provide the opportunity to work on the cutting edge of the AI industry.
We work with all the major foundation model labs, some of the largest financial institutions, and hospital systems in the world. Our work has been featured by the Wall Street Journal, Washington Post, and Bloomberg.
We are building the standard for evaluating the ability of LLMs to perform real-world tasks. You secure the systems that make this possible.
What You’ll Do- Help set security standards and practices across the organization
- Conduct internal penetration testing of our product and systems, and work with external penetration testing firms.
- Lead incident response activities and investigations into how incidents occurred
- Partner with engineers to embed security into the SDLC, including threat modeling new features, reviewing designs, and providing guidance during development
- Establish logging, monitoring, and detection capabilities to catch suspicious activity across both corporate and production environments
- Secure cloud infrastructure (AWS), including IAM, security groups, and network isolation and controls
- Secure our physical device fleet, establishing hardened baselines to deploy via MDM
- Deploy and tune email security tooling to defend against phising attacks and email spoofing.
- Secure corporate network infrastructure, including office networks and VPN/Tailscale
We expect approximately 70% / 30% split between product and corporate security (depending on the needs of the business at any given time).
Requirements- 2+ Years of
Experience:
Counting only full-time professional experience - Network and Application Security:
Experience in designing secure networks, systems, and application architectures - Cloud Security:
Knowledge of cloud security best practices, especially relating to AWS services. - Monitoring and Prevention:
Expertise in anti-malware software, intrusion detection, firewalls, and content filtering - Risk Assessment:
Knowledge of risk assessment tools, technologies, and methods. We are looking for the ability to accurately predict and model likely threats. - IT Security:
Including MDMs, EDR systems, DNS filtering, corporate networking, and other security tools. - Programming
Experience:
You should feel comfortable writing, reviewing, and testing code. - Location:
We are an in-person team based in San Francisco. We will support your relocation or transportation as needed.
- Penetration Testing:
Prior experience with red-teaming software applications or participating in bug bounties. - Python experience:
Python experience will be critical for application-layer security. - Familiarity with the LLMs:
It is a bonus if you are already familiar with the industry. - Startup Background:
Previous experience working at a startup, or starting your own company
- Highly competitive salary and meaningful ownership. Excellence is well rewarded.
- Relocation and transportation support
- Health/dental insurance coverage
- Lunch and dinner provided, free snacks/coffee/drinks
- 401K plan
- Unlimited PTO
(If this job is in fact in your jurisdiction, then you may be using a Proxy or VPN to access this site, and to progress further, you should change your connectivity to another mobile device or PC).