Original listing text, shown exactly as published by the company.
The Role
We're looking for a deeply technical Security Operations Engineer to own and evolve the security infrastructure supporting Maven AGI's AI platform. You'll design, build, and operate the controls, detection pipelines, and incident response systems that keep our platform compliant with SOC 2, HIPAA, and enterprise customer requirements as we scale. This
is a high-leverage role where your work directly impacts platform availability,
developer velocity, and customer trust.
Key Responsibilities
- Own the security posture of our infrastructure, including Kubernetes clusters: admission control, network policy, runtime threat detection, and workload isolation
- Harden CI/CD pipelines against supply chain threats: SAST/DAST, SBOM generation, signed artifacts, and dependency scanning across a large-scale monorepo
- Design, implement, and maintain security infrastructure across cloud providers (Azure, AWS, GCP) using infrastructure-as-code (Pulumi, Terraform, Helm)
- Build and operate detection and response capabilities (SIEM, audit logging, alerting) and lead incident response end-to-end: from triage to forensics to postmortem
- Support compliance programs (SOC 2, HIPAA, ISO): evidence automation, control mapping, audit readiness, and customer security reviews
- Manage identity, secrets, and access controls across cloud, SaaS, and Kubernetes, enforcing least privilege and short-lived credentials by default
- Address AI-specific risks (model access, prompt injection, data exfiltration) as we expand our agent platform
- Evaluate and adopt new tooling to reduce manual toil and scale security coverage as the company grows
Required Qualifications
- 3-7 years of professional Security Engineering, DevOps, or SRE experience
- Strong infrastructure-as-code and policy-as-code skills
- Hands-on experience securing CI/CD systems (GitHub Actions, ArgoCD): supply chain controls, secret scanning, signed builds
- Deep experience with detection and response tooling (SIEM, EDR, audit logging) and leading incidents end-to-end
- Proficiency in at least one scripting/programming language (Python, Go, TypeScript, or Bash) for automation and tooling
- Solid understanding of cloud security across IaaS providers: IAM, networking, DNS, TLS, KMS, and identity federation
- Experience securing Kubernetes in production (AKS, EKS, or GKE): RBAC, network policy, admission control, runtime security
- Working knowledge of at least one compliance framework (SOC 2, HIPAA, ISO 27001, GDPR) and the engineering work behind audit readiness
- Strong communication and cross-team collaboration skills: security at a startup is a partnership, not a gate
- Organized, detail-oriented, comfortable operating in a ticketing environment
- Thrives in fast-paced startup environments
Nice-to-Haves
- Compliance automation experience (Vanta, Drata, or in-house evidence collection)
- Experience with multi-cloud or hybrid (cloud + on-prem) deployments
- Background in offensive security, red teaming, or CTF
- Contributions to open-source security tooling
