Security Engineer

Job Description

Job Description

Who we are

We help enterprises unlock the future of AI, and realize untapped potential through a thoughtful approach to access, security, and scalability. We’re a growing startup at the forefront of enterprise GenAI infrastructure.  We are building a next-generation platform that empowers enterprises to securely adopt and manage advanced AI workflows. We know that successful technology adoption hinges on secure and appropriate access. Our founding team helped shape past technology revolutions — from pioneering secure API Management during the rise of mobile apps to driving enterprise AI adoption across Fortune 100 enterprises.

At the core of all we do is our team. We’re made up of builders, creators, and curious minds, on a mission to make AI safer, more responsible. Just as we are thoughtful about our products, we’re thoughtful about how we build teams and our culture. We believe with each addition to the team, culture can be enhanced. Take a look at what we value in our About Barndoor page. If this speaks to you, we’d love to hear from you!

How you’ll make an impact

Security is foundational to everything we build. As our core Security Engineer, you will directly continue to shape the architecture, policies, and culture that scale our secure software. The systems you design will enable our customers—enterprises with complex regulatory and operational needs—to safely deploy AI-powered agents at scale. Your work won’t just prevent breaches—it will enable trust, unlock innovation, and differentiate our platform in the market.

What You’ll Be Working On

While all roles have fluidity, here’s a sense of some of what you might work on at any given time.

Core responsibilities and role responsibilities include :

Responsibilities

• Audit and strengthen OAuth 2.0 and OIDC token flows across internal proxies, the control plane, and third-party integrations
• Identify and mitigate common and emerging threats in delegated authentication workflows
• Review and co-design REST, WebSocket, and streaming APIs with strong boundaries, secure defaults, and least-privilege access models
• Help define system boundaries for multi-agent, multi-tenant orchestration
• Integrate and tune automated CVE, SCA, and IaC scanning tools into CI / CD pipelines
• Convert security findings into high-signal engineering tickets with practical remediation paths
• Lead lightweight, iterative threat models for new features and services
• Define internal security baselines and policies, and mentor others to promote a strong security culture
• Favor automation-friendly controls over burdensome manual security processes
• Contribute to compliance initiatives such as SOC 2 and ISO 27001, supporting scalable security programs
• Leverage deep expertise in OAuth 2.0 / OIDC with real-world experience securing authentication flows in production systems
• Design secure APIs, review system architectures, and implement scalable authentication and authorization models
• Apply hands-on experience with supply chain and container security tools such as Trivy, Snyk, Grype, and Terraform scanning
• Demonstrate familiarity with modern identity platforms like Auth0, Okta, and Keycloak, and with Zero Trust models

Requirements

Soft Skills That Matter Here

Travel Requirements

Team connection is an important part of our culture. With a remote-friendly structure, we do require that our team be available to travel for in-person collaboration sessions and meetings. Some roles may have more travel than others. Typical team meetups are every 6-8 weeks, however, this may vary depending on team and business needs. We work to plan out our travel schedules in advance to give as much notice as possible.

Equal Opportunity Employer

We celebrate diversity and are committed to creating an inclusive environment for all employees. We do not discriminate based on race, color, ancestry, national origin, citizenship, religion or creed, sex (including pregnancy, childbirth, and related conditions), sexual orientation, gender identity or expression, age, marital status, veteran status, disability, genetic information, or any other legally protected status. We believe that diverse teams build better products, and we strive to ensure that our hiring, development, and advancement practices are fair, equitable, and welcoming for everyone.

We may use artificial intelligence (AI) tools to support parts of the hiring process, such as reviewing applications, analyzing resumes, or assessing responses. These tools assist our recruitment team but do not replace human judgment. Final hiring decisions are ultimately made by humans. If you would like more information about how your data is processed, please contact us.