Principal Security Engineer, Infrastructure
Emeryville, California, United States of America
Full Time
2 hours ago
$175,000 - $250,000 USD
No H1B
Key skills
AnsibleCloudTerraformAIMachine LearningIAMSSOSaaSChange Management
About this role
Role Overview
- Own Profluent’s overall security and compliance posture across company systems, scientific computing, lab automation, endpoints, identity, SaaS, cloud infrastructure, networking, and data-handling workflows, and be accountable for the ongoing maturity of security controls and practices across those environments
- Lead the implementation and operational maturity work required for Profluent to achieve and maintain SOC 2 and related compliance certification requirements, including control operation, evidence collection, monitoring, and repeatable processes
- Serve as the primary owner for security and compliance readiness across company systems, ensuring that Profluent can meet ongoing audit, certification, and customer assurance requirements over time
- Own the translation of customer agreements, internal policies, and compliance requirements into concrete technical and operational controls
- Standardize and harden bioinformatics, lab informatics, and machine learning environments to align with security, reliability, and compliance requirements
- Define and drive adoption of secure baseline configurations, access controls, logging, backup practices, patching standards, and change management processes
- Own and evolve how Profluent approaches security more broadly, identifying gaps, prioritizing risks, and driving improvements beyond minimum compliance scope
- Drive standardization of Windows-based lab automation environments, balancing security, uptime, vendor constraints, and usability in laboratory settings
- Collaborate with stakeholders to document controls, system boundaries, standard operating procedures, and technical evidence needed for audits, certification efforts, and customer reviews
- Support vendor and platform evaluations related to security, observability, endpoint management, and infrastructure operations
- Improve identity, access, and account lifecycle management across company systems, including onboarding, offboarding, least-privilege access, and periodic access review support
- Monitor key systems and respond to operational issues with an emphasis on root-cause analysis and durable remediation
- Maintain asset, system, and environment documentation so that critical processes are auditable, supportable, and repeatable
Requirements
- Experience operating with broad ownership across infrastructure, security, and compliance in regulated, audit-conscious, or security-sensitive environments
- Experience serving as the most senior or primary security owner in a startup or scaling environment, even without a large dedicated security team
- Breadth across infrastructure security, corporate security, IAM, endpoint management, logging and monitoring, vulnerability reduction, incident response, vendor risk, and compliance
- Demonstrated ability to take ownership in ambiguous environments and set direction, not just execute within a narrowly defined specialty
- Familiarity with Windows-based lab automation systems and the realities of instrument-connected or vendor-managed environments
- Experience implementing or operating against security and compliance frameworks such as SOC 2, ISO 27001, NIST CSF, or similar
- Strong understanding of identity and access management, SSO, MFA, endpoint management, logging, patching, vulnerability reduction, and system hardening
- Ability to translate compliance and contractual data-handling requirements into concrete technical and operational controls
- Strong documentation skills, with the ability to create policies, procedures, standards, and technical runbooks that others can follow
- Experience preparing organizations for, achieving, or maintaining external compliance certifications or audit readiness
- Experience with infrastructure as code and/or configuration management tools such as Terraform, Ansible, or equivalent
- Experience administering Windows environments, preferably including systems used in laboratory, automation, manufacturing, or instrument-connected settings
Tech Stack
- Ansible
- Cloud
- Terraform
Benefits
- Competitive compensation package with equity participation
- Comprehensive benefits including health/dental/vision insurance
- Generous PTO policy and commitment to work-life balance
- Professional development opportunities in a cutting-edge field at the intersection of AI and biology