Security Engineer

Summary

Join Baseten, a rapidly growing ML infrastructure platform company, as a Security Engineer. As one of the first dedicated security hires, you will play a crucial role in building and maintaining our security posture. You will collaborate with engineering and operations teams, shaping our security strategy and best practices. Responsibilities include security architecture and design, vulnerability management, incident response, IAM, security compliance, employee training, and DevSecOps integration. This is a unique opportunity to contribute to a fast-paced startup in a dynamic field.

Requirements

• 3+ years of experience in a Security Engineer or similar security-focused role, preferably in a fast-paced startup environment
• Strong knowledge of cloud security (AWS/GCP), container security, and infrastructure-as-code best practices
• Hands-on experience with security tooling (SIEM, IDS/IPS, vulnerability scanners) and scripting languages to automate security tasks
• Familiarity with compliance frameworks such as SOC 2, ISO 27001, and GDPR, and the ability to translate requirements into actionable security controls
• Incident response expertise, including forensic analysis and root cause investigation
• Excellent communication skills and the ability to collaborate with cross-functional teams to promote a security-first culture

Responsibilities

• Collaborate with engineering teams to design and implement secure systems and infrastructure, including cloud (AWS/GCP) environments and container orchestration platforms
• Lead proactive vulnerability assessments, pen tests, and remediation efforts to ensure our products and infrastructure remain secure
• Develop and maintain incident response processes, including detection, analysis, containment, eradication, and post-incident reviews
• Oversee IAM strategies and tools to ensure the right people have the right level of access to our systems and data
• Work closely with operations to ensure compliance with relevant standards (e.g., SOC 2, ISO 27001) and assist with audits, policy creation, and risk assessments
• Develop and deliver security training programs and documentation to keep our team informed about best practices, social engineering threats, and secure coding standards
• Partner with DevOps teams to embed security into the CI/CD pipeline, automating security checks and fostering a culture of “security as code.”

Benefits

• Competitive compensation package (Unlimited PTO, 401k, covered healthcare premiums)
• A unique opportunity to be part of a rapidly growing startup in one of the most exciting engineering fields of our era
• An inclusive and supportive work culture that fosters learning and growth
• Exposure to a variety of ML startups, offering unparalleled learning and networking opportunities