Security Engineer
About the role
Lambda Security protects some of the world's most valuable digital assets: training data, model weights representing immense computational investments, and the sensitive inputs required to leverage best-of-breed AI models. We're responsible for securing every byte that powers breakthrough artificial intelligence. As a Security Engineer at Lambda, you'll touch many areas across the security program such as building detections, hardening infrastructure, reviewing designs, automating toil, and responding to incidents.
Responsibilities
- Build and Tune Detections: Develop and refine detection content across our SIEM and EDR to catch threats targeting customer data, model weights, and infrastructure.
- Respond to Incidents: Participate in on-call, lead investigations end-to-end, and turn each incident into automation, playbooks, or controls that prevent the next one.
- Harden Systems Directly: Remediate vulnerabilities and security findings in production, partnering with engineering teams when fixes cross team boundaries.
- Review Architectures and Code: Provide actionable security feedback on high-level designs and individual changes, and turn recurring review patterns into reusable standards.
- Build Security Tooling: Ship Python or Go services that automate evidence collection, vulnerability triage, and other toil, using Lambda's hosted LLMs where they meaningfully accelerate the work.
- Partner Across Engineering: Work with Product Engineering, Data Center Operations and Engineering, IT, and Legal to land security improvements at the moments they're cheapest to adopt.
- Balance Strategic and Tactical: Recognize when to invest in a long-term fix versus when "good enough" is exactly that, and bias toward measurable forward progress.
Requirements
We're looking for someone with 5+ years of demonstrated security engineering experience, either directly as a security engineer or as an engineer driving security outcomes. We also welcome equivalent backgrounds: significant formal security training paired with strong engineering experience. A track record of working across security domains; for example, shipping detection work in one role and architecture, platform, or vulnerability management work in another. We don't expect mastery of every domain; we do expect demonstrated breadth and eagerness to learn. Thrives in high-speed, high-ambiguity startup environments where priorities shift regularly and structure must be built while executing. Strong hands-on Linux experience that showcases your ability to protect both our applications and the cloud we build underneath them. Comfortable solving problems in Python, Go, or a similar language, with the discipline to ship production-grade tooling rather than only one-off scripts. Excellent collaboration with technical teams both with and without authority (we're all on the same team!).
Qualifications
Nice to Have:
- You've led or developed a meaningful component of a security program (detection & response, security architecture, platform/tooling, vulnerability management, GRC operations, etc.).
- Experience driving or providing significant evidence for compliance audits such as SOC 2, ISO 27001, PCI-DSS, HIPAA/HITECH, or FedRAMP.
- Significant experience operating large-scale production services (e.g., SRE across thousands of hosts) or with virtualization at scale (KVM, Hyper-V, Xen).
- You've built or deployed critical security infrastructure such as SIEM, SOAR, EDR, IDS/IPS, or canary/honeypot systems.
- Experience with AI/ML infrastructure security, model security, or protecting high-value computational workloads.
- Enthusiasm about leveraging direct access to state-of-the-art LLMs to push security operations beyond the status quo, including through automated triage, intelligent alert correlation, AI-assisted code review.
What We Think a Candidate Needs to Demonstrate to Succeed
Your application is not a waste of our time. What You'll Do Build and Tune Detections: Develop and refine detection content across our SIEM and EDR to catch threats targeting customer data, model weights, and infrastructure. Respond to Incidents: Participate in on-call, lead investigations end-to-end, and turn each incident into automation, playbooks, or controls that prevent the next one. Harden Systems Directly: Remediate vulnerabilities and security findings in production, partnering with engineering teams when fixes cross team boundaries. Review Architectures and Code: Provide actionable security feedback on high-level designs and individual changes, and turn recurring review patterns into reusable standards. Build Security Tooling: Ship Python or Go services that automate evidence collection, vulnerability triage, and other toil, using Lambda's hosted LLMs where they meaningfully accelerate the work. Partner Across Engineering: Work with Product Engineering, Data Center Operations and Engineering, IT, and Legal to land security improvements at the moments they're cheapest to adopt. Balance Strategic and Tactical: Recognize when to invest in a long-term fix versus when "good enough" is exactly that, and bias toward measurable forward progress.
About Lambda
Founded in 2012, with 500+ employees, and growing fastOur investors notably include TWG Global, US Innovative Technology Fund (USIT), Andra Capital, SGW, Andrej Karpathy, ARK Invest, Fincadia Advisors, G Squared, In-Q-Tel (IQT), KHK & Partners, NVIDIA, Pegatron, Supermicro, Wistron, Wiwynn, Gradient Ventures, Mercato Partners, SVB, 1517, and Crescent CoveWe have research papers accepted at top machine learning and graphics conferences, including NeurIPS, ICCV, SIGGRAPH, and TOGOur values are publicly available: https://lambda.ai/careers
We offer:
- Generous cash & equity compensation
- Health, dental, and vision coverage for you and your dependents
- Wellness and commuter stipends for select roles
- 401k Plan with 2% company match (USA employees)
- Flexible paid time off plan that we all actually use
Equal Opportunity Employer Lambda is an Equal Opportunity employer. Applicants are considered without regard to race, color, religion, creed, national origin, age, sex, gender, marital status, sexual orientation and identity, genetic information, veteran status, citizenship, or any other factors prohibited by local, state, or federal law.