Security Engineer

Lambda, The Superintelligence Cloud, is a leader in AI cloud infrastructure serving tens of thousands of customers. Our customers range from AI researchers to enterprises and hyperscalers. Lambda's mission is to make compute as ubiquitous as electricity and give everyone the power of superintelligence. One person, one GPU.

If you'd like to build the world's best AI cloud, join us.

*Note: This position requires presence in our San Francisco or Bellevue office location 4 days per week; Lambda's designated work from home day is currently Tuesday.

About the Role

Lambda Security protects some of the world's most valuable digital assets: invaluable training data, model weights representing immense computational investments, and the sensitive inputs required to leverage best of breed AI models. We're responsible for securing every byte that powers breakthrough artificial intelligence.

As a Security Engineer on our Architecture team, you'll be the technical foundation of our security design decisions, creating security architecture patterns and standards that directly protect customer data and enable Lambda to be the safest place to build with AI.

Reporting to the Senior Manager of Security and collaborating closely with Product Engineering, Platform Engineering, and embedded Technical Program Managers, you'll drive security architecture improvements across our AI-focused infrastructure. Your work will span security design reviews, threat modeling, architecture patterns, and security requirements that scale with our rapid growth while maintaining the highest security standards.

You will work on creating security architecture patterns, conducting threat models and security reviews, establishing security requirements for engineering teams, and developing customer-facing security documentation. You'll have unique access to LLMs hosted on our own infrastructure to pioneer AI-powered security architecture solutions that wouldn't be possible anywhere else.

If you thrive on solving complex security design challenges in cutting-edge AI infrastructure and want to build security architectures that scale from hundreds to thousands of systems, we'd love to talk.

We value diverse backgrounds, experiences, and skills, and we are excited to hear from candidates who can bring unique perspectives to our team. If you do not exactly meet this description but believe you may be a good fit, please still apply and help us understand your readiness for this role. Your application is not a waste of our time.

What You'll Do

• Drive Security Architecture: Design and document comprehensive security patterns, standards, and implementation guides that engineering teams can adopt to build secure-by-default systems.
• Lead Security Reviews: Conduct security design reviews and develop threat models for critical systems, identifying risks and providing actionable recommendations.
• Develop Security Requirements: Create clear security requirements and acceptance criteria that integrate seamlessly into engineering development cycles.
• Build Security Solutions: Prototype and implement security controls, tools, and automation that demonstrate secure patterns and enable self-service security.
• Pioneer AI-Powered Architecture: Leverage Lambda's hosted LLMs to build next-generation security capabilities including automated threat modeling, AI-assisted security reviews, and intelligent architecture recommendations that push far beyond traditional approaches.
• Collaborate Across Engineering: Partner with Product and Platform Engineering teams to integrate security architecture requirements into their designs at optimal moments.
• Enable Customer Trust: Develop customer-facing security documentation, architecture whitepapers, and technical security content that demonstrates our security maturity.
• Mentor Security Excellence: Coach engineers across the organization on secure design principles and security architecture patterns, multiplying your impact.
• Drive Architectural Standards: Establish and maintain security architecture standards that protect critical assets while enabling development velocity.
• Advocate for Security: Communicate security architecture value to stakeholders, translating technical risks into business impact for informed decision-making.

What We Think a Candidate Needs to Demonstrate to Succeed

• Have 3+ years of security engineering or security architecture experience and 5+ years of total engineering experience, with demonstrated impact protecting enterprise infrastructure.
• Thrive in high-speed, high-ambiguity startup environments where you are constantly balancing security goals with business needs.
• Deep technical expertise in security architecture patterns, threat modeling methodologies, and security design principles.
• Excel at solving problems through design and prototyping in Python, Go, or similar languages.
• Proven ability to work effectively with cross-functional technical teams both with and without authority (we're all on the same team).
• Strong Linux systems experience in both bare metal and cloud environments, understanding infrastructure from kernel to application layer.
• Demonstrated experience driving security improvements that were enthusiastically adopted by engineering teams.
• Excellence at translating security architecture decisions into business risk, enabling stakeholders to make informed decisions.

Nice to Have

• You've led the security assessment and requirements for major platform components or enterprise systems.
• Experience driving or providing significant evidence for compliance audits, such as SOC 2, ISO 27001, PCI-DSS, HIPAA/HITECH, or FedRAMP.
• Deep experience with cloud security architecture and cloud provider security services (AWS, GCP, Azure).
• Experience with AI/ML system security, including model security, data pipeline protection, or adversarial threat modeling (yes, we know it's all brand new), or other high sensitivity workloads.
• You've developed security architecture patterns that were adopted across multiple engineering teams.
• Security certifications like CISSP, OSCP, or similar that demonstrate continued learning.
• Experience with infrastructure-as-code security patterns and secure DevOps practices.
• Excitement about leveraging our direct access to state-of-the-art LLMs to revolutionize security architecture-imagine AI-powered threat modeling, automated security design reviews, and intelligent architecture validation at a scale only possible when you host the AI infrastructure yourself.

Salary Range Information

The annual salary range for this position has been set based on market data and other factors. However, a salary higher or lower than this range may be appropriate for a candidate whose qualifications differ meaningfully from those listed in the job description.

About Lambda

• Founded in 2012, with 500+ employees, and growing fast
• Our investors notably include TWG Global, US Innovative Technology Fund (USIT), Andra Capital, SGW, Andrej Karpathy, ARK Invest, Fincadia Advisors, G Squared, In-Q-Tel (IQT), KHK & Partners, NVIDIA, Pegatron, Supermicro, Wistron, Wiwynn, Gradient Ventures, Mercato Partners, SVB, 1517, and Crescent Cove
• We have research papers accepted at top machine learning and graphics conferences, including NeurIPS, ICCV, SIGGRAPH, and TOG
• Our values are publicly available: https://lambda.ai/careers
• We offer generous cash & equity compensation
• Health, dental, and vision coverage for you and your dependents
• Wellness and commuter stipends for select roles
• 401k Plan with 2% company match (USA employees)
• Flexible paid time off plan that we all actually use

A Final Note:

You do not need to match all of the listed expectations to apply for this position. We are committed to building a team with a variety of backgrounds, experiences, and skills.

Equal Opportunity Employer

Lambda is an Equal Opportunity employer. Applicants are considered without regard to race, color, religion, creed, national origin, age, sex, gender, marital status, sexual orientation and identity, genetic information, veteran status, citizenship, or any other factors prohibited by local, state, or federal law.

---