Jobs · Information Technology · California

Security Engineer

HeyGen · San Francisco, CA · 1 wk ago
On-siteInformation TechnologyFull-time

Key Responsibilities

  • Partner with engineering teams as an embedded security expert — writing code, reviewing architectures, and building secure application features and infrastructure components from the ground up.
  • Design and implement automated fraud detection systems to mitigate platform abuse, credential stuffing, and payment fraud. Partner with product and engineering to build real-time monitoring and rapid-response remediation workflows.
  • Own the strategy and execution for hardening our AWS/Python infrastructure. Build and run a robust vulnerability management program, including network security, cloud configuration, and remediation workflows.
  • Serve as HeyGen's point person for AI and agentic system security. As we scale our agentic coding and AI agent products, you will ensure these rollouts are designed and deployed with strong security controls.
  • Oversee our SOC 2 compliance operations (currently managed via Drata) and annual audit cycles. Evaluate and roadmap future certifications, including ISO 27001, as the business scales.
  • Provide high-level oversight for platform abuse and content moderation (in partnership with growth and avatar teams), and serve as the escalation point for IT security incidents.

Qualifications

  • Strong software engineering background with hands-on Python and AWS experience; you write code, not just policies.
  • Demonstrated experience securing cloud infrastructure and applications — vulnerability management, network security, IAM, and secrets management.
  • Familiarity with GRC frameworks and compliance programs (SOC 2, ISO 27001, or equivalent).
  • Excellent communication skills: able to translate threat models for engineers, compliance requirements for auditors, and security architecture for enterprise CISOs.
  • Comfortable with ambiguity and rapid scale; you prioritize ruthlessly and know when to build vs. buy.
  • Experience with modern security tooling is a plus (Drata, Infisical, Bugcrowd, or equivalents).

Similar jobs

Security Engineer

AnaVation LLCWashington, United States· 5 days ago
Information Technologyapply on adzuna.com

Security Engineer

Sensiba LLPCalifornia, United States· 3 days ago
RemoteInformation Technology$97k–$145k/yrapply on sensiba.pinpointhq.com

Security Engineer

TruistCharlotte, NC· 4 days ago
Information Technologyapply on careers.truist.com

Security Engineer

United States Cold Storage, Inc.Camden, NJ· 1 wk ago
Information Technology$100k–$120k/yrapply on recruiting.ultipro.com

Security Engineer

Candid HealthDenver, CO· 1 mo ago
Information Technologyapply on joincandidhealth.com

Security Engineer

Candid HealthNew York, NY· 2 wk ago
Information Technologyapply on joincandidhealth.com