Security Engineer

Stack AI is a no-code drag-and-drop tool to quickly design, test, and deploy AI workflows that leverage Large Language Models (LLMs), such as ChatGPT, to automate any business process. Our core value is to make it extremely easy to build arbitrarily complex AI pipelines using a visual interface that allows you to connect different data sources with different AI models. Our customers use Stack AI to build applications such as: Chatbots and Assistants: AI agents that interact with users, answer questions, and complete tasks, using your internal data and APIs. Document Processing: apps to answer questions, summarize, and extract insights from any document, no matter how long. Answer Questions on Databases: connect GPT-like models to databases (such as Notion, Airtable, or Postgres) and ask questions about them. Content Creation: generate tags, summaries, and transfer styles or formats between documents and data sources. About this role At StackAI, security is at the heart of empowering companies to build AI assistants quickly and securely. We’re looking for a hands-on security engineer to design and drive our security strategy across infrastructure, applications, and processes. You’ll build and lead a world-class security team, embed security into our development lifecycle, and ensure we meet the highest standards of compliance and customer trust. If you thrive in high-growth environments and want to shape the future of AI security, we’d love to meet you. Responsibilities Design and Implement Security Frameworks Drive the creation and execution of security measures across both infrastructure and application layers (Render.com, Vercel, GCP, Azure, Kubernetes), ensuring StackAI remains secure as we scale rapidly. Shape the Security Vision Define and roll out a comprehensive security strategy, embedding best practices across engineering and product teams to safeguard data and systems. Build and Lead the Security Organization Recruit, mentor, and manage a high-performing security team while fostering a culture of technical excellence and proactive defense. Integrate Security into Development Partner with engineering teams to embed security into CI/CD pipelines and the entire software development lifecycle, making security a core part of how we build. Manage External Security Partnerships Oversee relationships with penetration testing firms, compliance auditors, and security vendors to strengthen our defenses and maintain trust. Support Customer and Partner Trust Work closely with customer-facing teams to clearly communicate StackAI’s security posture, compliance commitments, and incident response readiness. Harden Third-Party Dependencies Evaluate and continually improve the security of external tools, APIs, and integrations critical to our platform. Lead Incident Response Own the security incident response process, coordinating resolution efforts across teams and implementing long-term preventive measures. Ensure Compliance and Audit Readiness Collaborate with operations and legal teams to prepare for audits (e.g., SOC 2, ISO 27001) and uphold top-tier standards for regulatory and vendor security. Qualifications Proven Security Expertise 4+ years of hands-on experience in security engineering with success across both infrastructure and application layers. Leadership in High-Growth Environments Prior leadership experience in scaling tech companies or startups, ideally in roles that bridged strategy and execution. Clear and Confident Communication Ability to translate complex security concepts into clear language for both technical and non-technical audiences. Strong Risk and Threat Management Skills Deep background in risk assessment, threat modeling, and vulnerability management. Cloud and Infrastructure Mastery Practical experience with GCP, Azure, or AWS, combined with a strong understanding of infrastructure and API-level security. Secure Development Knowledge Familiarity with secure coding practices, especially in JavaScript/TypeScript, Go, and Node.js. DevSecOps and Automation Experience with modern security tooling and automating testing across build and deployment pipelines. Our tech stack includes: Frontend: Next.js + Tailwind (Typescript) Backend: FastAPI + Supabase (Python) Databases: PostgreSQL + MongoDB And we have internally built a super easy-to-use Machine Learning framework tailored to using Large Language Models in a flow-like sequence (akin to Pytorch + Langchain if you are familiar with those). It allows you to seamlessly integrate new functionality into the code base and we are also discussing whether to open-source it since it feels like magic!