Senior Information Security Engineer
About the role
To thrive as a company and meet our impact goals, we must cultivate a culture of high-performance. You can read about our culture principles here. We know managers are often the single-largest driver of employee satisfaction and growth, and our talent is our biggest asset. Because of that, we’ve identified consistent expectations for all of Guild’s people managers — helping you know what to expect from your experience here.
Responsibilities
- Identify security issues and risks with Guild’s systems and environments.
- Develop and execute remediation/mitigation plans that provide long term risk reduction.
- Collaborate with cross-functional engineering teams to integrate and advance security standards within a comprehensive enterprise application security program.
- Serve as a strategic partner to engineering squads, providing expert guidance on the integration and remediation of findings from SAST, DAST, and SCA tools.
- Design and enforce robust security architectures across the company’s AWS ecosystem.
- Architect and implement security controls for agentic AI systems, including identity, network, and runtime-level defenses (e.g., sandboxing, policy enforcement).
- Develop comprehensive threat models and conduct realistic threat simulations across Guild's offerings, including LLMs, AI agents, and MCP components.
- Develop and tune security policy within various security tools and platforms (CNAPP, EDR, Email Gateway, Vulnerability Management, SIEM, etc…).
- Maintain SOC-2 compliance and assist with audit/client related requests.
- Assist with incident response and investigation activities.
- Fulfill regular on-call responsibilities as part of a team rotation.
Requirements
- Thorough understanding of Integrated Development Environment (IDE) and Continuous integration / Continuous Delivery (CI/CD) Pipeline tools and processes.
- Proven experience with software development methodologies and secure coding practices.
- 5+ years of industry experience in security engineering, with meaningful focus on cloud security and application security.
- Excellent problem-solving and analytical skills.
- Strong communication skills, both written and verbal, for collaborating with technical and non-technical teams.
- Ability to work independently, prioritize tasks, and manage multiple security projects simultaneously.
Preferred Competencies
- Solid understanding of LLMs, AI architecture patterns, machine learning models, and related technologies (e.g., MCP, RAG, agentic frameworks).
- Experience with container security, kernel-level hardening, and modern isolation techniques.
- AWS Certifications.
Benefits
- Access to low-cost, high-quality health care options through Collective Health and Kaiser (due to coverage limitations, Kaiser is currently only available in CA & CO).
- Access to a 401k to help save for the future.
- Vacation policy to rest and recharge.
- 8 days of fully-paid sick leave, to take the time to heal and or recover.
- Family-friendly benefits, including 12 weeks of parental leave for non-birthing parents and 18-20 weeks for birthing parents; 2-week ramp-up period for when employees return from a leave of 6 weeks or more; as well as employer-paid short-term and long-term disability, employer-sponsored life insurance, fertility and caregiving benefits.
- Well-rounded wellness benefits including free and low cost mental health resources and financial wellbeing support services.
- Education benefits and tuition assistance to help your future development and growth.
Pay
This role offers a competitive total compensation package, including a base salary of $150,000 - $180,000 and stock options. Compensation offered will be based on a combination of factors such as experience, competencies, and internal equity.
Schedule
Our home and headquarters in Denver, but some of our roles allow for remote work, allowing us to reach the best talent across the US. Please refer to the job location referenced below the job posting title to determine location. Roles based outside of our Denver office can sit in any of the following 32 states: AZ, CA, CO, CT, FL, GA, ID, IL, IN, KS, MA, MD, ME, MI, MN, MO, NC, NH, NJ, NV, NY, OH, OK, OR, PA, SC, TN, TX, UT, VA, WA, WI and Washington D.C.