PermitFlow · 22 hours ago
Security Engineer
New York City, NY
Full-time
Hybrid
Senior Level
$175K/yr - $250K/yr
5+ years expPermitFlow is redefining how America builds through applied AI, assisting construction companies with navigating permitting and compliance challenges. As a Security Engineer, you will focus on architecting and implementing security solutions, ensuring compliance and risk reduction while collaborating across teams to enhance security in the software development lifecycle.
Artificial Intelligence (AI)ConstructionEnterprise SoftwareSoftware
Responsibilities
Architect, design, and implement secure, compliant, scalable, and cost-efficient infrastructure solutions to protect a rapidly growing product
Lead the execution and maintenance of our SOC2 compliance program and other security-related certifications
Design, implement, and audit Role-Based Access Controls (RBAC), Identity and Access Management (IAM), and secrets management systems
Design and implement security best practices for backend, frontend services, APIs, and data pipelines
Own security features end-to-end, from architecture and implementation to testing and production deployment
Develop and maintain security automation, Infrastructure as Code, and secure CI/CD pipelines
Implement and manage security monitoring, threat detection, and vulnerability management across our cloud infrastructure
Establish and enforce security best practices for authentication, authorization, logging, and alerting
Lead and participate in incident response, troubleshooting complex security issues and driving postmortem learning and improvements
Collaborate across engineering teams to embed security into the software development lifecycle and balance compliance, velocity, and cost
Qualification
Required
5+ years of experience in Security Engineering, AppSec, GRC, or similar roles
Proven experience designing and implementing security controls for SOC2, ISO 27001, or similar compliance frameworks
Deep expertise in Role-Based Access Controls (RBAC), Identity and Access Management (IAM), and secrets management
Strong experience with container security and orchestration (Docker, ECS, Kubernetes a plus)
Expertise with secure CI/CD pipelines and modern security automation tools
Coding and scripting proficiency (TypeScript, Python, Go, Bash, etc.)
Hands-on experience with cloud security (GCP preferred) and securing distributed systems
Familiarity with monitoring, observability, and incident management best practices
Comfortable working in a fast-paced, compliance-focused startup environment, where adaptability and security ownership are essential
Benefits
Comprehensive medical, dental, and vision coverage
Flexible PTO and paid family leave
Home office & equipment stipend
Hybrid NYC office culture (3 days in-office/week) with direct access to leadership
In-Office Lunch & Dinner Provided
Company
PermitFlow
PermitFlow is a construction permitting software that simplifies the permit preparation and submission process.
51-200 employees
H1B Sponsorship
PermitFlow has a track record of offering H1B sponsorships. Please note that this does not
guarantee sponsorship for this specific role. Below presents additional info for your
reference. (Data Powered by US Department of Labor)
Distribution of Different Job Fields Receiving Sponsorship
Represents job field similar to this job
Trends of Total Sponsorships
2024 (1)
Funding
Current Stage
Growth StageTotal Funding
$90.5MKey Investors
AccelKleiner PerkinsInitialized Capital
2025-12-02Series B· $54M
2024-02-21Series A· $31M
2023-05-08Seed· $5.5M
Leadership Team
Samuel Lam
Co-Founder & CTO
Recent News
2026-01-16
2026-01-08
2025-12-11
Company data provided by crunchbase