About the Role
As our first dedicated security hire, you'll shape and own the foundation of Wexler's security program - spanning infrastructure, product, and compliance. You'll work closely with engineering, operations, and leadership to ensure we're not only secure, but demonstrably so to our customers.
Responsibilities
- Take ownership of existing security tooling and implement new ones (e.g. endpoint protection, MDM, access controls), ensuring they're effectively configured, maintained, and scaled as the business grows.
- Embed secure-by-design practices into the development lifecycle - from secure coding and threat modelling to design reviews and CI/CD hardening.
- Monitor systems for irregular behaviour and proactively design detection and prevention mechanisms.
- Ensure infrastructure and applications align with accepted industry standards (e.g. OWASP Top 10, AWS Well‑Architected Framework).
- Conduct and lead risk assessments, including third‑party/vendor reviews and internal evaluations.
- Document and maintain security policies, procedures, and controls as part of our ISO 27001‑certified ISMS.
- Partner with GTM and leadership to demonstrate our security posture and compliance maturity to customers and prospects - helping turn security into a commercial advantage.
You’ll love this role if you:
- Have hands‑on experience deploying and managing security tooling (EDR, MDM, ZTNA, vulnerability scanners, etc.) and enjoy solving problems at the implementation level.
- Have worked within AWS's security ecosystem and can comfortably navigate enterprise security tools across vendors.
- Have solid foundations in networking, systems, and cloud infrastructure, and can apply frameworks like OWASP and AWS Well‑Architected to real‑world scenarios.
- Have experience reviewing and improving product and infrastructure security, including secure SDLC practices (e.g. threat modelling, secure code review, CI/CD hardening).
- Are familiar with compliance frameworks like ISO 27001 or SOC 2, and can translate technical controls into well‑documented policies and audit‑ready evidence.
- Enjoy automating repetitive security tasks (Python, PowerShell, Bash, or via APIs) to improve efficiency and reduce manual work.
- Think proactively about risk reduction - not just fixing bugs but designing processes and controls that uplift the overall security posture.
- Have a generalist mindset and thrive across infrastructure, product, and compliance domains.
You won’t love this role if you:
- Want to do only policy work or only implementation - this is a hands‑on, full‑spectrum security role.
- Prefer a slow pace or require perfect clarity before acting - we move fast and prioritise action.
- Feel uncomfortable owning outcomes - you'll be accountable end‑to‑end for critical security initiatives.
- Prefer maintaining the status quo - we constantly challenge assumptions and iterate on how security should be done.
- Need a highly structured environment - we're still building, and that includes building the playbook as we go.
- Struggle with ambiguity or need prescriptive direction - you'll get support, but autonomy is key.
- Wait for others to act - we value initiative and bias for ownership.
What We Offer
- Competitive salary and significant equity.
- Huge autonomy and ownership. You will be designing and building the core systems that power AI for some of the most expert users in AI.
- Budget for learning and professional growth.
- Bi‑annual team retreats.
- Work closely with experienced founders and a team of AI scientists and engineers.
Note: If you think you don't quite fit the bill but you'd still be interested in chatting for a different role, get in touch at careers@wexler.ai.
#J-18808-Ljbffr