Security Engineer

Reflection AI is seeking a Security and Compliance Engineer to implement and operate technical security controls and compliance requirements. This hands-on role involves securing cloud infrastructure, endpoints, and internal systems, maintaining IAM controls, and supporting logging and monitoring. The engineer will also assist with AI and data security, including dataset protection and data handling standards, and support SOC 2 compliance activities, documentation, and security training. The role balances speed and scalability while building the future of security, requiring 3-5 years of experience in IT, DevOps, or security-adjacent roles.

Must Have

• Implement and operate technical security controls and compliance requirements.
• Secure cloud infrastructure, endpoints, and internal systems.
• Implement and maintain IAM controls, access reviews, and least-privilege permissions.
• Support logging, monitoring, and alerting for security-relevant events.
• Assist with vulnerability scanning, dependency monitoring, and remediation tracking.
• Support secure CI/CD practices, including secrets management and environment separation.
• Assist with securing datasets used for model training and evaluation.
• Help enforce data classification and data handling standards.
• Support SOC 2 compliance activities, including evidence collection and control testing.
• Help maintain security documentation, procedures, and runbooks.
• 3-5 years of experience in IT, DevOps, software engineering, or security-adjacent roles.
• Basic understanding of cloud infrastructure (AWS, GCP, or Azure).
• Familiarity with core security concepts: access control, encryption, logging, and least privilege.
• Comfort working with technical systems, configs, and dashboards.

Good to Have

• Early career experience in security, IT, or Compliance.
• Exposure to SOC 2, ISO 27001, or other security frameworks (academic or professional).
• Familiarity with GitHub, CI/CD pipelines, or infrastructure-as-code.
• Moderate Python, Terraform, or Pulumi knowledge.
• Interest in AI/ML systems, data security, or privacy engineering.
• Experience at a startup or fast-moving engineering team.

Perks & Benefits

• Top-tier compensation (salary and equity).
• Comprehensive medical, dental, vision, life, and disability insurance.
• Fully paid parental leave for all new parents, including adoptive and surrogate journeys.
• Financial support for family planning.
• Paid time off.
• Relocation support.
• Lunch and dinner provided daily.
• Regular off-sites and team celebrations.

Our Mission

Reflection’s mission is to build open superintelligence and make it accessible to all.

We’re developing open weight models for individuals, agents, enterprises, and even nation states. Our team of AI researchers and company builders come from DeepMind, OpenAI, Google Brain, Meta, Character.AI, Anthropic and beyond.

Role Overview:

We are seeking a Security and Compliance Engineer to support the implementation and operation of Reflection AI’s technical security controls and compliance requirements. This is a hands-on, technical role designed for someone who wants to help build the future of security while balancing speed and scalability.

You’ll work closely with our Foundations engineering team, Operations team, and Legal to help secure our infrastructure, datasets, and AI development workflows while learning how compliance frameworks translate into practical engineering controls.

What You’ll Do:

Technical Security

• Assist with securing cloud infrastructure, endpoints, and internal systems
• Help implement and maintain IAM controls, access reviews, and least-privilege permissions
• Support logging, monitoring, and alerting for security-relevant events
• Assist with vulnerability scanning, dependency monitoring, and remediation tracking
• Help maintain endpoint protection and device security tooling
• Support secure CI/CD practices, including secrets management and environment separation

AI and Data Security Support

• Assist with securing datasets used for model training and evaluation
• Help enforce data classification and data handling standards
• Support basic dataset reviews and security checks prior to ingestion
• Assist with access controls and audit logging around AI systems and data pipelines

Compliance and Audit Support

• Support SOC 2 compliance activities, including evidence collection and control testing
• Help maintain compliance tooling
• Assist with responding to customer security questionnaires and due diligence requests
• Track control gaps, remediation tasks, and follow-ups
• Learn how compliance requirements map to technical controls

Documentation and Learning

• Help maintain security documentation, procedures, and runbooks
• Participate in and implement security training and awareness efforts
• Contribute to incident response preparation and post-incident reviews
• Continuously learn security, compliance, and privacy best practices with mentorship

What We Are Looking For:

• 3-5 years of experience in IT, DevOps, software engineering, or security-adjacent roles
• Basic understanding of cloud infrastructure (AWS, GCP, or Azure)
• Familiarity with core security concepts: access control, encryption, logging, and least privilege
• Comfort working with technical systems, configs, and dashboards
• Strong attention to detail and willingness to learn compliance and audit processes
• Ability to follow through on tasks and document work clearly

Preferred Qualifications

• Early career experience in security, IT, or Compliance
• Exposure to SOC 2, ISO 27001, or other security frameworks (academic or professional)
• Familiarity with GitHub, CI/CD pipelines, or infrastructure-as-code
• Moderate Python, Terraform, or Pulumi knowledge
• Interest in AI/ML systems, data security, or privacy engineering
• Experience at a startup or fast-moving engineering team

What We Offer:

We believe that to build superintelligence that is truly open, you need to start at the foundation. Joining Reflection means building from the ground up as part of a small talent-dense team. You will help define our future as a company, and help define the frontier of open foundational models.

We want you to do the most impactful work of your career with the confidence that you and the people you care about most are supported.

• Top-tier compensation: Salary and equity structured to recognize and retain the best talent globally.
• Health & wellness: Comprehensive medical, dental, vision, life, and disability insurance.
• Life & family: Fully paid parental leave for all new parents, including adoptive and surrogate journeys. Financial support for family planning.
• Benefits & balance: paid time off when you need it, relocation support, and more perks that optimize your time.
• Opportunities to connect with teammates: lunch and dinner are provided daily. We have regular off-sites and team celebrations.