Senior Security Engineer

About the CompanyTabs is the leading AI-native revenue platform for modern finance and accounting teams. Tabs agents automates the entire contract-to-cash lifecycle, including billing, collections, revenue recognition, and reporting, to help teams eliminate manual work and accelerate cash flow.

High-growth companies like Cursor and Statsig rely on Tabs to generate invoices directly from contracts, reconcile payments in real time, and automate ASC 606 compliance.

Founded in 2023, Tabs has raised over $91 million from Lightspeed Venture Partners, General Catalyst, and Primary. The team is headquartered in New York and brings deep expertise in finance and AI.

How We Work

• Fast cycles. Weekly sprints with defined ship goals, frequent product launches, and tight customer feedback loops.

• Customer-first. We combine real user input with data to inform engineering decisions and continuously refine the product.

• In-person collaboration. Our NYC office is designed for builders—whiteboards, coffee, meals, and a team that values speed, clarity, and execution.

About the Role

We're looking for a software engineer with a strong focus on infrastructure security and compliance to take ownership of our security engineering roadmap. You’ll inherit a solid foundation—SOC 2 certified, automated workflows with Thoropass—and scale it into a resilient, developer-friendly security program.

You’ll work closely with our CTO and engineering team to build secure-by-default systems, automate compliance, and ensure operational readiness as the company grows.

What You’ll Build & Own

• Engineer and maintain real-time observability systems across our AWS infrastructure and production applications.

• Design and implement alerting and incident response workflows, ensuring high availability and fast recovery.

• Automate identity and access controls—including secure onboarding/offboarding, MFA enforcement, and endpoint management—using code, scripts, and APIs.

• Own and scale our compliance infrastructure via Thoropass: automate evidence collection, support audits, and keep policies and controls in sync with actual systems.

• Write and maintain internal security documentation and technical policies that are understandable and actionable by engineers.

• Drive a culture of security across engineering: threat modeling, secure coding practices, and regular reviews.

About You

• 4+ years in a security-focused engineering or DevSecOps role.

• Deep experience working in AWS production environments with services like GuardDuty, Security Hub, CloudTrail, and IAM.

• Comfortable with scripting (Python, Bash, etc.) and building internal tooling to reduce manual work.

• Familiar with compliance platforms like Thoropass, Vanta, or Drata.

• Strong communicator who can make complex security topics understandable to cross-functional teams.

• Bonus: experience with ISO 27001, HIPAA, GDPR, or building towards multiple compliance frameworks.

Perks & Benefits

• Competitive compensation+ equity

• Full coverage for health, dental, and vision insurance

• 401(k) plan

• Daily lunch, dinner, and coffee stipend for in-office days

• Pre-tax commuter benefits