Senior Platform Engineer, Security

Job summary

Decagon is seeking a founding Platform Engineer, Security to design, build, and operate the security infrastructure for its AI platform. This role involves creating durable, well-engineered systems, including paved paths for secure service creation, security tooling, and infrastructure-as-code. The position offers significant impact on the technical direction of the infrastructure security program and directly supports high-value deals with security-conscious enterprises.

Benefits

Qualifications

• 5+ years building and operating production infrastructure, with meaningful exposure to security or a strong interest in moving deeper into security problems
• Deep knowledge of Google Cloud Platform and/or AWS, including compute, networking, IAM, and security services
• Proficiency with infrastructure-as-code (Terraform, Ansible, or similar) and a track record of building developer-facing tooling and automation
• Strong coding ability in at least one systems language (e.g., Python, Go, TypeScript) and comfort building paved-path tooling teams actually adopt
• Experience applying AI-assisted tooling (Cursor, Claude Code, and similar) to make engineers dramatically more effective
• Experience with secure container deployment, service mesh, and Kubernetes security best practices
• Observability and incident-response tooling experience (instrumentation, alerting, dashboards), with a bias toward eliminating toil
• Clear written communication and the ability to turn ambiguous requirements into simple, reliable designs
• Track record of being an early or founding platform/infrastructure/security engineer at another company (preferred)
• Experience building internal platforms: service templates, paved-road deployment, self-serve environments, or developer portals (preferred)
• Security-minded approach to the software supply chain (provenance, secrets, least privilege) and familiarity with static analysis tooling (Semgrep, CodeQL) (preferred)
• Experience with detection and response data pipelines (Kafka/Pulsar, Splunk/Panther/RunReveal, or similar) (preferred)
• Knowledge of enterprise compliance requirements (SOC 2, ISO 27001, GDPR) from an infrastructure and platform perspective (preferred)

Responsibilities

• Design and implement secure, multi-tenant infrastructure that isolates customer data while enabling efficient AI model serving across our platform
• Build golden paths for security including service templates, libraries, Terraform policies, and automation, so new services are secure and production-ready by default
• Own infrastructure-as-code (Terraform) and GitOps best practices, including reusable modules and policy-as-code
• Expand and help operate the platforms behind alerting detection, secrets management, IAM, and automated remediation, integrating them cleanly into CI/CD and developer workflows
• Partner with Security, Infrastructure, and product engineering teams to translate enterprise and compliance requirements (SOC 2, ISO 27001, GDPR) into reliable, automated technical controls
• Participate in security on-call and continuously raise the bar on operability, runbooks, and incident learnings

Skills

Relocation