Senior Security Engineer jobs in United States

Paragon · 19 hours ago

Senior Security Engineer

Paragon is an embedded integration infrastructure platform for B2B SaaS and AI products. They are seeking a Senior Security Engineer to own security end-to-end across their product, infrastructure, and organization, partnering closely with various teams to ensure the safety of their platform and customer data while building a robust security program.

Data Center Automation, Data Integration, Developer APIs, Productivity Tools, SaaS
H1B Sponsor Likely

Responsibilities

Company-wide security posture across application, infrastructure, and internal systems
Secure SDLC: how we design, build, test, and release secure software
Cloud & infrastructure security in our AWS, GCP, and Azure environments
Vulnerability management: from discovery to prioritization and remediation
Security governance & compliance, including SOC 2, HIPAA, and customer requirements
Incident readiness & response, including playbooks, tooling, and training
Security story for customers: helping sales and customer success win and retain larger customers
Partner with engineering and product to design secure architectures and features
Introduce and maintain a secure SDLC: threat modeling, design reviews, secure coding guidelines
Implement and manage tooling such as SAST/DAST, dependency and container scanning integrated into CI/CD
Triage and prioritize vulnerabilities; drive remediation with engineering teams
Harden our cloud environment (e.g., AWS IAM, VPCs, security groups, KMS, secrets management)
Define and enforce secure-by-default baselines using infrastructure-as-code (e.g., Terraform)
Establish logging, monitoring, and alerting for key security events
Collaborate with platform/infra engineers to build guardrails instead of gates
Own and evolve core security policies (access control, change management, incident response, vendor management, etc.)
Lead our SOC 2 program (and future frameworks as needed): mapping controls, evidence, and audits
Run access reviews and vendor security reviews on a regular cadence
Define and maintain incident response plans, runbooks, and playbooks
Lead incident investigations when they occur and coordinate cross-functional response
Run tabletop exercises and post-incident reviews; ensure learnings translate into durable improvements
Provide training and enablement for engineers and staff on secure practices
Be the security point of contact for customer questionnaires, RFPs, and enterprise security reviews
Help sales and customer success articulate our security posture clearly and credibly

Qualification

Security Engineering, Cloud Security, Application Security, Governance & Compliance, Security Tooling, Infrastructure as Code, Incident Response, Collaboration, Leadership, Communication Skills

Required

~5+ years in security engineering or related roles (AppSec, Infra/Cloud Sec, Product Security)
Strong experience securing cloud-based SaaS products in production
Deep hands-on experience with AWS/GCP/etc. security primitives (IAM, VPC, KMS, security groups, CloudTrail/CloudWatch, etc.)
Comfortable working with infrastructure-as-code (Terraform or similar)
Strong understanding of common web and API vulnerabilities (OWASP Top 10, real-world exploit patterns)
Experience working with product/engineering teams to prevent issues by design, not just fix them later
Experience deploying and tuning security scanners and monitoring tools
Comfortable scripting in Python, Bash, or similar to automate checks and workflows
Hands-on experience with SOC 2, ISO 27001, or similar frameworks (setting up or maintaining controls)
Ability to translate technical controls into auditor- and customer-friendly language
You're comfortable being the go-to security voice in a growing company
You can influence without heavy process, earning trust with engineers, PMs, and leadership
Strong written and verbal communication skills; you can explain tradeoffs in plain language

Preferred

Experience as a first or early security hire at a startup
Experience with detection & response (SIEM, EDR, alert tuning)
Prior involvement in customer-facing security reviews and complex security questionnaires
Familiarity with privacy and data protection topics (e.g., GDPR) in a SaaS context

Company

Paragon

Paragon is an embedded integration platform for SaaS apps, enabling companies to build products that integrate with the SaaS ecosystem.

H1B Sponsorship

Paragon has a track record of offering H1B sponsorships. Please note that this does not guarantee sponsorship for this specific role. Additional information is presented below for your reference. (Data Powered by US Department of Labor)
Trends of Total Sponsorships
2025 (1)
2024 (1)
2022 (1)

Funding

Current Stage
Early Stage
Total Funding
$21.15M
Key Investors
Inspired Capital Partners, Y Combinator
2024-10-29 · Series Unknown · $5.5M
2022-07-27 · Series A · $13M
2020-07-28 · Seed · $2.5M

Leadership Team

Brandon Foo
CEO & Co-Founder
Ishmael Samuel
Chief Technology Officer / Co-founder
Company data provided by Crunchbase