Senior Security Operations Engineer

About the role:

AssemblyAI runs a mature, multi-framework security and compliance program—including SOC 2 (all trust criteria), ISO 27001, and PCI 4.0—that protects the infrastructure and customer data behind our industry-leading Voice AI API. We're hiring a Senior Security Operations Engineer to join our IT & Security team as the company's first security engineering role.

This role sits at the intersection of security engineering and security operations. You'll split your time between hands-on engineering work—threat modeling, secure code reviews, security tooling, and infrastructure hardening alongside our platform and product engineering teams—and the operational work that keeps our security program running: compliance audit cycles, vulnerability management, customer questionnaires, and monitoring. You should be energized by both sides of that equation, not just one.

This is a high-ownership role on a small team. You'll work closely with engineers across the company, partner with sales and legal on customer-facing security needs, and have a direct hand in shaping how AssemblyAI secures its products, infrastructure, and internal tools—including a rapidly growing landscape of agentic AI development.

What You’ll Do:

Security Engineering

• Conduct threat modeling and security design reviews for new features, services, and architectural changes—partnering with product and platform engineers early in the design phase.
• Perform secure code reviews and provide actionable feedback, focusing on authentication, authorization, input handling, secrets management, and data protection.
• Deploy and maintain security tooling across the development lifecycle—SAST, SCA, DAST, secret scanning, IaC scanning