Director of Security Engineering

Role Overview

C1 is hiring a Director of Security Engineering to lead and scale the security engineering function. You will own the security posture of C1’s platform and infrastructure, ensuring customers can trust C1 with sensitive identity data—making security a product advantage.

Responsibilities

• Lead the Security Engineering Team
  • Build, mentor, and develop security engineers across product security, infrastructure security, and security operations
  • Foster ownership, continuous improvement, and collaboration
  • Set clear goals and create professional development paths
• Define and Execute Security Strategy
  • Develop a comprehensive security engineering roadmap aligned with company objectives
  • Own security architecture across cloud infrastructure, applications, and data systems
  • Drive security reviews, threat modeling, and secure design practices
• Secure the Platform
  • Ensure security and integrity of the AI-native identity platform, including customer data/identity protection
  • Lead vulnerability management, penetration testing, and incident response capabilities
  • Partner with engineering to integrate security into CI/CD and the SDLC
  • Lead technical security support for security audits, customer security assessments, and regulatory inquiries
• Partner Across the Organization
  • Collaborate with Product and Engineering leadership to balance security requirements with delivery velocity
  • Support Sales and Customer Success during customer security engagements
  • Report security posture, risks, and initiatives to executive leadership

Requirements

• 10+ years in security engineering/application security/infrastructure security
• 5+ years leading security teams
• Strong experience securing SaaS platforms, ideally in identity, security, or enterprise software
• Builder mindset: create security programs/tooling from the ground up
• Strong cloud security foundation, including AWS, container security, and modern application architectures
• Hands-on security expertise: SAST/DAST, vulnerability management, SIEM, incident response, penetration testing
• Proven track record building/scaling high-performing security teams
• Experience with compliance frameworks: SOC 2, ISO 27001, FedRAMP
• Excellent communication skills across technical and non-technical audiences

Bonus Points

• Experience with identity/IAM/security vendors
• Background securing AI/ML systems or agentic architectures
• Open source or community involvement in security