Security Engineer

Why BleeBlee is an AI-first marketing content compliance platform. PayPal, NerdWallet, and Brex already trust us. We're YC-backed, founded by an ex-Adobe marketing ops leader and former lawyer, and we're defining a category that didn't exist two years ago—across Fintech, Financial Services, CPG, Travel, and Life Sciences..With offices in San Francisco and New York, we value in-person work but offer remote-opportunities for the right people. No matter where you join us, you can expect quarterly off-sites and opportunities to join other offices when you feel it’s important. You’ll be joining a team that values clarity, ownership, and shared responsibility—and is focused on building something that genuinely improves how teams work.The RoleThis is a Security Engineer role for someone who wants to own security end-to-end at a fast-growing startup. You will be the first dedicated security hire, responsible for building and maintaining our security posture from SOC 2 compliance to infrastructure hardening to enterprise security reviews.Growth TrajectoryThis role is designed for someone who wants to build a security program from the ground up. As Blee scales, you will grow into a security leadership role, shaping the team and strategy as the company's customer base and regulatory requirements expand.What You'll DoOwn and drive compliance certifications – SOC 2 Type II, ISO 27001, and related frameworks (GDPR, CCPA, HIPAA, PCI-DSS)Design and operate scalable, secure infrastructure – For real-time systems and AI batch pipelinesBuild security practices and tooling that scale – Not just compliance checkboxes, but engineering-first security that grows with the companyHarden cloud infrastructure – Access control, secrets management, audit logging, and vulnerability managementImprove CI/CD pipelines and developer experience – When not on core security work, accelerate developer workflows and occasionally contribute to product featuresWho You AreSecurity-obsessed – you think in threat models and attack surfaces by defaultA builder who thrives in ambiguity – you've stood up security programs, not just maintained themComfortable owning ambiguous problems end-to-end without a dedicated security team around youEqually at home writing security policies and shipping infrastructure improvementsProactive and self-directed; you identify risks before they become incidentsExcited to be an early security hire and shape the function from scratchWho You'll Work With & Learn FromYou will partner closely with Blee's engineering leadership and infrastructure team. This role gives you direct exposure to how security and infrastructure shape trust and velocity at a high-growth startup.Requirements4+ years of experience in security engineering or infrastructure securityHave personally taken at least one company through SOC 2 Type II – you know the audit process, the evidence collection, and the gotchasHands-on with cloud security (AWS, GCP, or Azure) and modern infrastructure tooling (Terraform, Kubernetes, etc.)Based in SF or NYC & willing to come into the office 3 days a weekHow We WorkWe have offices in New York and San Francisco and value in-person collaboration, but we're open to remote for the right person. Wherever you're based, expect quarterly off-sites and the chance to spend time in our other offices when it matters.What You’ll GetCompetitive salary and equity packageQuarterly get-togethersFully paid medical, dental, and vision insuranceFree access to OneMedicalCompany-paid life insuranceCompany-sponsored 401kUnlimited PTO (with mandatory 15 days off)Financial support for work-adjacent learning opportunitiesLeaders who say “yes” more often than no to whatever helps make you more successfulBlee is an equal opportunity employer and does not discriminate on the basis of race, gender, sexual orientation, gender identity/expression, national origin, disability, age, genetic information, veteran status, marital status, pregnancy or related condition, or any other basis protected by law.Applicants must be authorized to work for any employer in the U.S. We are unable to sponsor or take over sponsorship of an employment Visa at this time