Lead Security Engineer
Overview
Liberate builds AI agents to automate manual tasks for the insurance industry. We are a startup backed by top-tier venture firms and are currently seeking a Lead Security Engineer to join our team.
Mission
Ensure Liberate’s product is measurably safer and compliant as we scale our agentic workflows. Drive security and compliance practices that allow us to ship fast without compromising on safety or compliance.
Responsibilities
Own product security end to end, including threat modeling, secure design reviews, and high risk architecture decisions.
Build secure SDLC practices that engineers actually follow, including security requirements, CI checks, security test coverage, and safe defaults.
Drive multi tenant and data boundary safety, including secrets handling, key management patterns, and blast radius reduction.
Partner with Engineering leaders to make security part of how we build, not a separate lane.
Influence roadmap tradeoffs with clear risk framing and concrete mitigations.
Own SOC 2 and related compliance programs end to end, including control design, implementation, and ongoing effectiveness.
Ensure compliance requirements are translated into real technical controls and engineering workflows, not manual or checklist driven processes.
Partner with Engineering, Product, and Ops to embed compliance controls into systems, CI pipelines, and defaults.
Lead audits and external reviews with a strong internal posture, clear ownership, and minimal disruption to engineering teams.
Run vulnerability management for the product, including triage, prioritization, remediation, pen tests, and third party reviews.
Own communication and coordination during security incidents, ensuring calm execution and clear accountability.
Requirements
Deep product security background in modern cloud systems, ideally multi tenant SaaS.
Strong engineering chops. You can review designs, spot systemic risk, and drive pragmatic solutions.
Experience building and owning security and compliance programs in high growth environments, including shift left security, developer enablement, and security architecture decisions.
Calm operator during incidents, with crisp communication and high trust with engineering teams.
Comfortable being the first dedicated product security hire and defining the role in partnership with Engineering and Product leadership.
Experience
8+ years in security engineering, product security, or platform security roles.
4+ years owning security architecture or security programs for a production SaaS product.
Demonstrated ownership of SOC 2 or similar compliance programs in a fast moving environment.
Prior experience operating in an early stage or high growth company where security and compliance systems had to be built, not inherited.
Success
SOC 2 and related compliance programs run predictably, with minimal fire drills.
Fewer high severity security incidents and a smaller blast radius when issues happen.
Security and compliance checks become defaults in the system, not heroics by individuals.
Engineers ship faster because risk, security, and compliance expectations are clear by design.
Compensation
Boston: $180,000 - $240,000 + equity
San Francisco: $190,000 - $250,000 + equity
Contact
To apply, please visit our careers page and submit your application.