Staff Security Engineer

📋 Description

• • Join Twelve Labs, a pioneering AI company at the forefront of multimodal foundation models, and play a pivotal role in shaping the future of video understanding. We are seeking a highly skilled and motivated Staff Security Engineer to join our dynamic security team, working in close collaboration with our lead security engineer to significantly mature and scale our comprehensive security program.
• • This is a broad, generalist role offering the unique opportunity to influence security across a wide spectrum of critical areas, including application security, cloud infrastructure, CI/CD pipelines, and the emerging landscape of AI/ML-specific threats. You will be instrumental in identifying potential risks, architecting and implementing robust controls to mitigate these risks, and fostering a security-first mindset across the organization.
• • Unlike traditional Security Operations Center (SOC) roles, this position is deeply hands-on and proactive. You will not be confined to an alert queue; instead, you will be actively engaged in understanding systems at a fundamental level, designing and building innovative security solutions, and embedding security best practices seamlessly into our engineering and infrastructure workflows.
• • As a fast-paced AI company, Twelve Labs is at the cutting edge of technological advancement. This role presents an exciting challenge to tackle novel security problems that may not have established precedents, particularly in securing sensitive model weights, complex ML pipelines, and specialized training infrastructure, in addition to traditional security domains.
• • If you are driven by the prospect of addressing emerging threats, possess a deep curiosity for understanding complex systems, and are eager to make a tangible impact at a company revolutionizing video AI, this role is ideally suited for you.
• • You will partner closely with the lead security engineer to conduct thorough risk assessments, develop and implement effective security controls, and champion key security initiatives across all departments.
• • Your responsibilities will include performing in-depth security assessments, conducting penetration testing, and executing code reviews to proactively identify and remediate vulnerabilities across our diverse applications and robust infrastructure.
• • A significant aspect of this role involves integrating advanced security tooling and controls directly into our CI/CD pipelines and software development workflows, ensuring that security is a foundational element from the outset without impeding development velocity.
• • You will play a key role in designing and enforcing a secure cloud architecture across our AWS environment, with a focus on best practices in Identity and Access Management (IAM), Web Application Firewalls (WAF), network segmentation, data encryption, and real-time threat detection.
• • You will be responsible for developing and continuously enhancing our security monitoring, logging, and alerting capabilities to ensure swift and effective incident detection and response.
• • Participation in the security on-call rotation is expected, providing critical support during security incidents and investigations.
• • You will contribute significantly to our compliance efforts, including adherence to frameworks such as SOC 2, GDPR, and CMMC/NIST, providing essential audit support and assisting in the development and refinement of security policies.
• • A unique and exciting part of this role involves securing our AI/ML pipelines, model training infrastructure, and critical model artifacts, including weights and deployment code.
• • You will have the opportunity to build and maintain internal security tooling and automation solutions, enabling us to scale our security program efficiently without a proportional increase in headcount.
• • Collaboration is key; you will work hand-in-hand with our engineering, infrastructure, and IT teams to embed security practices directly into their development and delivery processes, fostering a shared responsibility for security.
• • This role requires a proactive, strategic, and hands-on approach to security engineering, contributing to Twelve Labs' mission of pushing the boundaries of AI technology.