Security Engineer at Blee

ABOUT BLEE At Blee we are replacing workflows that typically run on spreadsheets, email, etc with AI-first software that brings the whole org together to meet compliance requirements faster, more thoroughly, and with greater transparency. We currently have thousands of active users from dozens of enterprise-grade customers on pledged, or paid, long-term contracts. Our leadership group hails from the likes of Adobe, Chime, PayPal, AWS, Wachtell, Harvard Law, and Columbia Law. We have built the first platform that handles the unique challenges our customers face from front-to-back. We find the ideal people for Blee will not only be natural problem solvers but will also enjoy the thrill of discovering which problems our users need solving in the first place, most of whom have never used a product like Blee before. We have an office in downtown SF, one in NYC coming soon, and most of our team is split between the Bay Area and NYC. The Role This is a Security Engineer role for someone who wants to own security end-to-end at a fast-growing startup. You will be the first dedicated security hire, responsible for building and maintaining our security posture from SOC 2 compliance to infrastructure hardening to enterprise security reviews. Growth Trajectory This role is designed for someone who wants to build a security program from the ground up. As Blee scales, you will grow into a security leadership role, shaping the team and strategy as the company's customer base and regulatory requirements expand. What You'll Do - Own and drive compliance certifications – SOC 2 Type II, ISO 27001, and related frameworks (GDPR, CCPA, HIPAA, PCI-DSS) - Design and operate scalable, secure infrastructure – For real-time systems and AI batch pipelines - Build security practices and tooling that scale – Not just compliance checkboxes, but engineering-first security that grows with the company - Harden cloud infrastructure – Access control, secrets management, audit logging, and vulnerability management - Improve CI/CD pipelines and developer experience – When not on core security work, accelerate developer workflows and occasionally contribute to product features Who You Are - Security-obsessed – you think in threat models and attack surfaces by default - A builder who thrives in ambiguity – you've stood up security programs, not just maintained them - Comfortable owning ambiguous problems end-to-end without a dedicated security team around you - Equally at home writing security policies and shipping infrastructure improvements - Proactive and self-directed; you identify risks before they become incidents - Excited to be an early security hire and shape the function from scratch Who You'll Work With & Learn From You will partner closely with Blee's engineering leadership and infrastructure team. This role gives you direct exposure to how security and infrastructure shape trust and velocity at a high-growth startup. Requirements - 4+ years of experience in security engineering or infrastructure security - Have personally taken at least one company through SOC 2 Type II – you know the audit process, the evidence collection, and the gotchas - Hands-on with cloud security (AWS, GCP, or Azure) and modern infrastructure tooling (Terraform, Kubernetes, etc.) - Based in SF or NYC & willing to come into the office 3 days a week Benefits - Competitive salary and equity package - Fully paid medical, dental, and vision insurance - Free access to OneMedical - Short and long-term disability insurance - Company-paid life insurance - Company-sponsored 401k - Unlimited PTO (with mandatory 15 days off) - Financial support for work-adjacent learning opportunities At Blee, we welcome and celebrate diversity in all its forms. We do not discriminate based on race, color, religion, sex, gender identity or expression, sexual orientation, age, national origin, disability, veteran status, or any other protected characteristic. Your unique perspective is valued here. Applicants must be authorized to work for any employer in the U.S. We are unable to sponsor or take over sponsorship of an employment Visa at this time