SecOps Engineer

Department: Engineering

Location: Boston

Compensation: $165K – $190K • Offers Equity • Offers Bonus

Employment Type: FullTime

Maven AGI is an enterprise AI platform founded in July 2023 by executives from HubSpot, Google, and Stripe. We build conversational AI agents for autonomous customer support at scale. Our platform unifies fragmented systems, integrates knowledge sources, and enables intelligent actions without costly infrastructure changes.

Our team includes talent from Google, Meta, Amazon, Microsoft, and Stripe, with advisors from OpenAI, Google, HubSpot, and Stripe.

The Role

We're looking for a deeply technical Security Operations Engineer to own and evolve the security infrastructure supporting Maven AGI's AI platform. You'll design, build, and operate the controls, detection pipelines, and incident response systems that keep our platform compliant with SOC 2, HIPAA, and enterprise customer requirements as we scale. This

is a high-leverage role where your work directly impacts platform availability,

developer velocity, and customer trust.

Key Responsibilities

• Own the security posture of our infrastructure, including Kubernetes clusters: admission control, network policy, runtime threat detection, and workload isolation

• Harden CI/CD pipelines against supply chain threats: SAST/DAST, SBOM generation, signed artifacts, and dependency scanning across a large-scale monorepo

• Design, implement, and maintain security infrastructure across cloud providers (Azure, AWS, GCP) using infrastructure-as-code (Pulumi, Terraform, Helm)

• Build and operate detection and response capabilities (SIEM, audit logging, alerting) and lead incident response end-to-end: from triage to forensics to postmortem

• Support compliance programs (SOC 2, HIPAA, ISO): evidence automation, control mapping, audit readiness, and customer security reviews

• Manage identity, secrets, and access controls across cloud, SaaS, and Kubernetes, enforcing least privilege and short-lived credentials by default

• Address AI-specific risks (model access, prompt injection, data exfiltration) as we expand our agent platform

• Evaluate and adopt new tooling to reduce manual toil and scale security coverage as the company grows

Required Qualifications

• 3-7 years of professional Security Engineering, DevOps, or SRE experience

• Strong infrastructure-as-code and policy-as-code skills

• Hands-on experience securing CI/CD systems (GitHub Actions, ArgoCD): supply chain controls, secret scanning, signed builds

• Deep experience with detection and response tooling (SIEM, EDR, audit logging) and leading incidents end-to-end

• Proficiency in at least one scripting/programming language (Python, Go, TypeScript, or Bash) for automation and tooling

• Solid understanding of cloud security across IaaS providers: IAM, networking, DNS, TLS, KMS, and identity federation

• Experience securing Kubernetes in production (AKS, EKS, or GKE): RBAC, network policy, admission control, runtime security

• Working knowledge of at least one compliance framework (SOC 2, HIPAA, ISO 27001, GDPR) and the engineering work behind audit readiness

• Strong communication and cross-team collaboration skills: security at a startup is a partnership, not a gate

• Organized, detail-oriented, comfortable operating in a ticketing environment

• Thrives in fast-paced startup environments

Nice-to-Haves

• Compliance automation experience (Vanta, Drata, or in-house evidence collection)

• Experience with multi-cloud or hybrid (cloud + on-prem) deployments

• Background in offensive security, red teaming, or CTF

• Contributions to open-source security tooling

Our Values

• Do right for customers -- customer trust is earned through reliability

• Data-driven -- we measure before we change, and we alert before customers notice

• Entrepreneurial -- own the problem end-to-end

• Strive to be better, together -- continuous improvement through collaboration