Security Engineer
External
Respan · WorldwidePrepare for this interview
EliteAI-generated questions, company research, and talking points tailored to this role
About the role
What we're building Respan is building the self-driving observability and evals platform for AI teams, used by 60+ YC companies and hundreds of AI teams. The role You will own security at Respan end to end: application security, infrastructure security, cloud and deployment hardening, access control, secrets management, customer data protection, SOC 2 and enterprise security readiness, and the security systems that let our engineering team ship AI gateway, observability, and eval infrastructure safely at high velocity. What you'll do: Own security across Respan's full stack, including application code, APIs, cloud infrastructure, internal tools, CI/CD, data flows, and developer workflows. Build secure-by-default systems across authentication, authorization, permissions, secrets management, audit logs, encryption, and customer data access patterns. Protect sensitive AI and customer data, including logs, traces, eval data, API keys, prompts, model responses, agent workflows, and gateway-level controls. Partner directly with engineering to find and fix real risks, including architecture reviews, code/config reviews, vulnerability remediation, GuardDuty issues, and unusual user behavior detection. Support enterprise security readiness and internal operations, including SOC 2, customer security reviews, vendor questionnaires, policies, controls, evidence collection, access reviews, onboarding/offboarding, incident response, monitoring, and security documentation. What you must have: 3+ years of experience in security engineering, application security, cloud security, infrastructure security, or DevSecOps Strong understanding of web apps, APIs, authentication, authorization, cloud infrastructure, CI/CD, secrets management, encryption, audit logs, and access control Strong judgment to identify real security risks across product, infrastructure, and internal workflows Clear communicator who can explain security tradeoffs without slowing the team down Strong plus: Experience with SOC 2, compliance readiness, enterprise security reviews, or customer trust documentation Experience securing AI/LLM applications, agentic systems, observability, logging, tracing, evals, gateways, or developer tools Experience with cloud and infrastructure tools like AWS, GCP, Azure, Vercel, Docker, Kubernetes, Terraform, GitHub Actions, or modern CI/CD Experience with incident response, security monitoring, pen testing, or bug bounty programs
Your Match
How well this role fits your profile.
Company Intel
What employees say
Worked at Respan? Share your experience