Security Engineer

We’re hiring a Security Engineer to secure the systems and products that power Antimetal’s investigation and automation engine.

You’ll design and implement the frameworks that keep our infrastructure, applications, and data safe — embedding security directly into how we build and scale.

About Antimetal

Antimetal is building the future of infrastructure management. We're starting by creating a platform that investigates, resolves, and prevents issues—giving engineers their time back to focus on what they do best: building great products.

What You’ll Do:

• Lead security initiatives across infrastructure, applications, and integrations, embedding security into every layer of the stack.

• Design and implement secure-by-default architecture in AWS/GCP, including IAM, networking, and VPC security.

• Harden Antimetal’s core systems and APIs against evolving threats, with a focus on multi-tenant security and customer data protection.

• Build and enforce security guardrails in CI/CD and infrastructure-as-code pipelines (Terraform, ArgoCD).

• Develop and maintain detection, monitoring, and response capabilities for real-time incident management.

• Partner with engineering to integrate security reviews, threat modeling, and secure coding practices into everyday workflows.

• Define and uphold compliance and data-protection standards (SOC 2, ISO 27001, GDPR, etc.).

What you bring:

• 5–8 years of engineering experience, with significant time in security engineering or cloud security roles.

• Deep expertise in cloud platforms (AWS/GCP), with a strong grasp of IAM, networking, and container security (Docker/Kubernetes).

• Strong background in infrastructure-as-code and automation tools (Terraform, Helm, ArgoCD, CI/CD pipelines).

• Experience with vulnerability management, SIEMs, and monitoring/observability systems.

• Ability to write secure, maintainable code in Python, Go, or TypeScript for automation and tooling.

• Track record of incident response and remediating vulnerabilities in production systems.

• Excellent communication skills — you can explain risks, tradeoffs, and best practices clearly across technical and non-technical teams.

Bonus:

• Exposure to AI/ML security challenges (e.g., adversarial inputs, data/model poisoning).

• Experience implementing enterprise compliance frameworks (SOC 2, ISO 27001, HIPAA).

• Familiarity with supply chain security, SBOMs, and securing CI/CD pipelines.

• Background in penetration testing, red teaming, or application security.

Who you are:

• Identify as a builder.

• Are excited to work in-person from our new and spacious office in New York.

• Love working in a startup environment (experience in a startup or obsession with going zero-to-one).

• Enjoy working with people who are ambitious, caring, and think in systems.

• Thrive in a fast-paced iterative environment where experimentation is essential.

What we bring:

• Pay & ownership — Competitive salary with generous equity grants.

• Full coverage + retirement — Fully covered health, dental, and vision, plus retirement benefits.

• Unlimited PTO — Take the time you need to recharge.

• Dinner on late nights — Working late? Dinner is on us.

• Fitness stipend — Monthly support for your health and wellness.

• Tools of the trade — Any equipment you need to do your best work.

• Commute perks — Citi Bike + train benefits.

Interview process

1. Application Review – Send us your stuff, and a quick note on why you're excited.

2. Intro Chat: Share what you're looking for next and learn more about what we're building.

3. Founder Interview: Talk with one of our founders in more detail about the role

4. Technical Interview: We’ll have you complete a short exercise specific to the role.

5. Onsite: Come onsite and meet the team through a series of 1:1 interviews.

6. Decision – We’ll move fast.