Product Security Engineer, Cloud & Infrastructure
Product Security Engineer, Cloud & Infrastructure
Austin, TX
Austin, TX
Job details
Apply
About Haleos
We're building the future of how startups are built and scaled. Haleos is developing a comprehensive AI-powered platform that transforms the startup journey through intelligent guidance and systematic approaches. We're solving fundamental challenges in the entrepreneurial ecosystem using cutting-edge artificial intelligence.
The Role
As a Product Security Engineer focused on Cloud & Infrastructure, you will architect and implement security controls across our cloud-native platform. You'll design security systems that protect sensitive business data, ensure privacy isolation across user namespaces, and maintain compliance with enterprise security standards. Your work will be foundational in building trust as we scale to serve thousands of startups and investors.
You Will
Design and implement security architecture for multi-tenant SaaS infrastructure with strict namespace isolation
Build security controls for AI systems handling sensitive business, financial, and communications data
Architect and maintain security for real-time data synchronization across multiple third-party integrations
Implement threat detection and monitoring systems to identify and respond to security incidents
Conduct security assessments and penetration testing of cloud infrastructure and applications
Design and enforce security policies for API authentication, authorization, and rate limiting
Build automated security scanning and vulnerability management systems within CI/CD pipelines
Lead security compliance efforts including SOC 2, GDPR, and other relevant frameworks
Perform threat modeling for new features and architectural changes
Develop security monitoring dashboards and incident response playbooks
Collaborate with engineering teams to establish secure development practices and security-by-design principles
Manage secrets, encryption keys, and access control systems across the platform
Must Have
4+ years of experience in cloud security, application security, or infrastructure security
Strong understanding of cloud security controls in AWS, GCP, or Azure
Experience securing multi-tenant SaaS applications with strict data isolation requirements
Proficiency with security tools and frameworks (OWASP, NIST, CIS benchmarks)
Experience with identity and access management (IAM), OAuth, SAML, and authentication systems
Knowledge of encryption at rest and in transit, including key management best practices
Experience with security monitoring and SIEM tools (Splunk, Datadog Security, or similar)
Strong understanding of API security, including rate limiting, token management, and threat protection
Familiarity with container security (Docker, Kubernetes) and infrastructure-as-code security
Experience conducting security reviews, threat modeling, and risk assessments
Nice to Have
Experience securing AI/ML systems and vector databases
Background in security for data integration platforms or ETL systems
Knowledge of webhook security and event-driven architecture security patterns
Experience with compliance automation and continuous compliance monitoring
Familiarity with privacy-preserving technologies and data anonymization techniques
Understanding of financial data security requirements and banking integrations (PCI DSS)
Experience with bug bounty programs and coordinated vulnerability disclosure
Knowledge of supply chain security and third-party risk management
Background in security for real-time communication systems
Experience with zero-trust security architecture
Certifications such as CISSP, OSCP, CEH, or cloud security certifications
Benefits & Compensation
Competitive salary and equity package
Health, dental, and vision insurance
401(k) with company match
Flexible PTO policy
Remote-friendly work environment
Professional development budget
Opportunity to establish security foundations at an early-stage company
Note: Due to our current stealth development phase, additional product details will be shared during the interview process.
Hybrid
Austin, TX
Software Engineering
Job details
Apply
About Haleos
We're building the future of how startups are built and scaled. Haleos is developing a comprehensive AI-powered platform that transforms the startup journey through intelligent guidance and systematic approaches. We're solving fundamental challenges in the entrepreneurial ecosystem using cutting-edge artificial intelligence.
The Role
As a Product Security Engineer focused on Cloud & Infrastructure, you will architect and implement security controls across our cloud-native platform. You'll design security systems that protect sensitive business data, ensure privacy isolation across user namespaces, and maintain compliance with enterprise security standards. Your work will be foundational in building trust as we scale to serve thousands of startups and investors.
You Will
Design and implement security architecture for multi-tenant SaaS infrastructure with strict namespace isolation
Build security controls for AI systems handling sensitive business, financial, and communications data
Architect and maintain security for real-time data synchronization across multiple third-party integrations
Implement threat detection and monitoring systems to identify and respond to security incidents
Conduct security assessments and penetration testing of cloud infrastructure and applications
Design and enforce security policies for API authentication, authorization, and rate limiting
Build automated security scanning and vulnerability management systems within CI/CD pipelines
Lead security compliance efforts including SOC 2, GDPR, and other relevant frameworks
Perform threat modeling for new features and architectural changes
Develop security monitoring dashboards and incident response playbooks
Collaborate with engineering teams to establish secure development practices and security-by-design principles
Manage secrets, encryption keys, and access control systems across the platform
Must Have
4+ years of experience in cloud security, application security, or infrastructure security
Strong understanding of cloud security controls in AWS, GCP, or Azure
Experience securing multi-tenant SaaS applications with strict data isolation requirements
Proficiency with security tools and frameworks (OWASP, NIST, CIS benchmarks)
Experience with identity and access management (IAM), OAuth, SAML, and authentication systems
Knowledge of encryption at rest and in transit, including key management best practices
Experience with security monitoring and SIEM tools (Splunk, Datadog Security, or similar)
Strong understanding of API security, including rate limiting, token management, and threat protection
Familiarity with container security (Docker, Kubernetes) and infrastructure-as-code security
Experience conducting security reviews, threat modeling, and risk assessments
Nice to Have
Experience securing AI/ML systems and vector databases
Background in security for data integration platforms or ETL systems
Knowledge of webhook security and event-driven architecture security patterns
Experience with compliance automation and continuous compliance monitoring
Familiarity with privacy-preserving technologies and data anonymization techniques
Understanding of financial data security requirements and banking integrations (PCI DSS)
Experience with bug bounty programs and coordinated vulnerability disclosure
Knowledge of supply chain security and third-party risk management
Background in security for real-time communication systems
Experience with zero-trust security architecture
Certifications such as CISSP, OSCP, CEH, or cloud security certifications
Benefits & Compensation
Competitive salary and equity package
Health, dental, and vision insurance
401(k) with company match
Flexible PTO policy
Remote-friendly work environment
Professional development budget
Opportunity to establish security foundations at an early-stage company
Note: Due to our current stealth development phase, additional product details will be shared during the interview process.
© 2026 Haleos, Inc.