Security Engineer

Lambda, The Superintelligence Cloud, is a leader in AI cloud infrastructure serving tens of thousands of customers. Our customers range from AI researchers to enterprises and hyperscalers. Lambda's mission is to make compute as ubiquitous as electricity and give everyone the power of superintelligence.

One person, one GPU. If you'd like to build the world's best AI cloud, join us. *Note: This position requires presence in our San Francisco/San Jose/Bellevue office location 4 days per week; Lambda’s designated work from home day is currently Tuesday.

About the Role Lambda Security protects some of the world's most valuable digital assets: training data, model weights representing immense computational investments, and the sensitive inputs required to leverage best-of-breed AI models. We're responsible for securing every byte that powers breakthrough artificial intelligence.

As a Security Engineer at Lambda, you'll touch many areas across the security program such as building detections, hardening infrastructure, reviewing designs, automating toil, and responding to incidents. Reporting to the Head of Security and partnering closely with Product Engineering, Data Center Operations and Engineering, IT, and embedded Technical Program Managers, your work shapes the security posture customers rely on.

Security at Lambda directly enables customer trust and unlocks enterprise revenue. Our customers run billion-dollar training jobs and irreplaceable model weights on our infrastructure; our job is to make Lambda the safest place to build with AI.

Over the next 12-18 months, you'll help deliver our 2026 security roadmap, expand detection coverage for AI-specific threats, help mature our incident response program, and ship security automation that other engineering teams adopt voluntarily.

You'll also have direct access to LLMs hosted on Lambda's own infrastructure to push security operations beyond what's possible elsewhere. Security is a broad field, and we don't expect you to be an expert in everything our team does, but we do expect you to learn quickly, ship across domains, and support the specialists around you.

If you enjoy moving between detection, architecture, and platform work and want to build security alongside the engineers you're protecting rather than from the outside then we'd love to talk. We value diverse backgrounds, experiences, and skills, and we are excited to hear from candidates who can bring unique perspectives to our team.

If you do not exactly meet this description but believe you may be a good fit, please still apply and help us understand your readiness for this role. Your application is not a waste of our time. What You'll Do Build and Tune Detections: Develop and refine detection content across our SIEM and EDR to catch threats targeting customer data, model weights, and infrastructure.

Respond to Incidents: Participate in on-call, lead investigations end-to-end, and turn each incident into automation, playbooks, or controls that prevent the next one. Harden Systems Directly: Remediate vulnerabilities and security findings in production, partnering with engineering teams when fixes cross team boundaries.

Review Architectures and Code: Provide actionable security feedback on high-level designs and individual changes, and turn recurring review patterns into reusable standards. Build Security Tooling: Ship Python or Go services that automate evidence collection, vulnerability triage, and other toil, using Lambda's hosted LLMs where they meaningfully accelerate the work.

Partner Across Engineering: Work with Product Engineering, Data Center Operations and Engineering, IT, and Legal to land security improvements at the moments they're cheapest to adopt. Balance Strategic and Tactical: Recognize when to invest in a long-term fix versus when "good enough" is exactly that, and bias toward measurable forward progress.

What We Think a Candidate Needs to Demonstrate to Succeed 5+ years of demonstrated security engineering experience, either directly as a security engineer or as an engineer driving security outcomes. We also welcome equivalent backgrounds: significant formal security training paired with strong engineering experience.

A track record of working across security domains; for example, shipping detection work in one role and architecture, platform, or vulnerability management work in another. We don't expect mastery of every domain; we do expect demonstrated breadth and eagerness to learn.

Thrives in high-speed, high-ambiguity startup environments where priorities shift regularly and structure must be built while executing. Strong hands-on Linux experience that showcases your ability to protect both our applications and the cloud we build underneath them.

Comfortable solving problems in Python, Go, or a similar language, with the discipline to ship production-grade tooling rather than only one-off scripts. Excellent collaboration with technical teams both with and without authority (we're all on the same team!).

Nice to Have You've led or developed a meaningful component of a security program (detection & response, security architecture, platform/tooling, vulnerability management, GRC operations, etc.). Experience driving or providing significant evidence for compliance audits such as SOC 2, ISO 27001, PCI-DSS, HIPAA/HITECH, or FedRAMP.

Significant experience operating large-scale production services (e.g., SRE across thousands of hosts) or with virtualization at scale (KVM, Hyper-V, Xen). You've built or deployed critical security infrastructure such as SIEM, SOAR, EDR, IDS/IPS, or canary/honeypot systems.

Experience with AI/ML infrastructure security, model security, or protecting high-value computational workloads. Enthusiasm about leveraging direct access to state-of-the-art LLMs to push security operations beyond the status quo, including through automated triage, intelligent alert correlation, AI-assisted code review.

Salary Range Information The annual salary range for this position has been set based on market data and other factors. However, a salary higher or lower than this range may be appropriate for a candidate whose qualifications differ meaningfully from those listed in the job description.

About Lambda Founded in 2012, with 500+ employees, and growing fast Our investors notably include TWG Global, US Innovative Technology Fund (USIT), Andra Capital, SGW, Andrej Karpathy, ARK Invest, Fincadia Advisors, G Squared, In-Q-Tel (IQT), KHK & Partners, NVIDIA, Pegatron, Supermicro, Wistron, Wiwynn, Gradient Ventures, Mercato Partners, SVB, 1517, and Crescent Cove We have research papers accepted at top machine learning and graphics conferences, including NeurIPS, ICCV, SIGGRAPH, and TOG Our values are publicly available: https://lambda.ai/careers We offer generous cash & equity compensation Health, dental, and vision coverage for you and your dependents Wellness and commuter stipends for select roles 401k Plan with 2% company match (USA employees) Flexible paid time off plan that we all actually use A Final Note: You do not need to match all of the listed expectations to apply for this position.

We are committed to building a team with a variety of backgrounds, experiences, and skills. Equal Opportunity Employer Lambda is an Equal Opportunity employer. Applicants are considered without regard to race, color, religion, creed, national origin, age, sex, gender, marital status, sexual orientation and identity, genetic information, veteran status, citizenship, or any other factors prohibited by local, state, or federal law.