We sell to enterprises from mid-market to Fortune 500, and security is one of the primary reasons they choose us. You will architect the core security foundation of our program: protecting our infrastructure, securing our product, and building the compliance posture that closes deals. This is a build-from-scratch role, not a maintain-and-operate one.
What You'll Do
Contribute to the design and evolution of the security program (cloud infrastructure, product security, identity, and risk management).
Architect and implement the technical tooling and automation for incident response and forensics.
Lead compliance audits and security reviews; build the trust posture that enables enterprise sales.
Embed security into the SDLC: threat modeling, design reviews, and pre-launch sign-offs.
Set guardrails for cloud security; own IAM and Zero Trust principles across internal systems.
Manage security vendors and tooling; own the signal, not just the subscriptions.
Report on risk and posture to leadership; grow security culture across engineering.
What We're Looking For
Required
1. Architecture & Engineering Foundation:
4+ years in security engineering or architecture at a B2B SaaS or enterprise software company, with a strong engineering background and proven experience developing enterprise software or systems.
Strong written communication: translates technical risk into business language for customers and executives.
2. Product & Cloud Security Expertise:
Hands-on cloud security (Azure/AWS/GCP): IAM design, network segmentation, CSPM tooling, security monitoring.
Experience securing multi-tenant SaaS: data isolation, RBAC/ABAC, API security.
Familiarity with security tooling across the stack: CSPM, SIEM, EDR, vuln scanning, secrets management.
Experience with AI/ML application security: prompt injection, data pipeline integrity, model API abuse.
3. Compliance & Customer Engagement:
Deep familiarity with major compliance frameworks (e.g. SOC 2, HIPAA, GDPR, ISO 27001) and proven experience contributing to the audit/certification process.
Comfortable serving customers with different compliance maturity; knows what a mid-market customer needs vs. a Fortune 500 security team.
Nice to have
Broader compliance exposure (ISO 42001, FedRAMP, PCI-DSS)
Prior experience as a founding security hire, comfortable building from a blank page
CISSP, CISM, CCSP, or a cloud security specialty certification
Why Join Us
You will design the security program from the ground up; the decisions you make now will shape the company's posture for years.
Security is a direct revenue driver here, not a cost center; closing enterprise deals faster is a measurable outcome you own.
About Genspark
Genspark is an all-in-one AI Workspace on a mission to enable the 3-day work week for 1 billion+ knowledge workers. Founded in 2023, the company achieved $155M ARR in just 10 months—the fastest in the agent space.