Job Description
Compa is a venture-backed AI startup revolutionizing the future of compensation.
In a dynamic job market with hiring challenges accountability and the rise of AI companies need the best data to stay ahead of industry changes competition and costs. Compa has developed the premier real-time compensation data platform delivering top-tier compensation intelligence to leading enterprise teams.
Compa is a compensation intelligence company built to augment enterprise compensation teams in the era of AI.
Our customers include the world’s biggest companies: NVIDIA Stripe DoorDash Open AI TMobile Moderna Workday Ulta Target and more.
Locations:
Compa headquarters are located in Irvine California with growing sites in Denver Colorado and San Francisco California. We’re a collaborative curious and driven team that values transparency ownership and continuous learning and prioritizing in person work where possible.
The RoleWe are looking for a Product Security Engineer to build and scale the Product Security function at Compa. This is the first dedicated security hire at the product layer - a senior individual contributor role reporting directly to the Head of Security.
You’ll set the security bar establish standards and patterns provide architectural guidance and build leverage through tooling and automation. You are an advisor architect and builder: Security sets the direction; Engineering builds at scale. You’ll define secure engineering practices operationalize them through repeatable processes automation and developer tooling and continuously improve them as we grow.
When a strategic security initiative spans application code cloud infrastructure identity and platform you will lead it from design through initial implementation then partner with Engineering to scale and maintain.
You will be the security voice in the room when consequential decisions are made proactively shaping how Engineering and Product think about security risk architecture and secure software development.
ResponsibilitiesSet the Security Bar
Perform architecture reviews threat modeling and security design reviews across applications APIs cloud infrastructure data pipelines and AI-enabled systems.
Develop security standards reference architectures and secure design patterns that enable teams to build securely by default.
Define and continuously improve the Secure Software Development Lifecycle (SDLC) embedding security throughout engineering workflows and release processes.
Lead security assessments for new products major features third-party integrations and emerging technologies.
Serve as a trusted technical advisor on security architecture implementation decisions and risk tradeoffs.
Communicate security concepts clearly across audiences — from engineering design reviews to product documentation trust portal content and customer diligence conversations.
Build Leverage Through Tooling and Enablement
Design and build reusable security patterns libraries and developer tooling that scale secure-by-default practices across engineering.
Implement security automation and guardrails that improve security posture while reducing developer friction.
Partner with Platform Engineering on cloud security posture infrastructure hardening secrets management workload identity and security observability.
Advance AI Security
Define and operationalize secure patterns for AI-enabled products agents MCP servers tool integrations and retrieval systems.
Evaluate emerging AI security risks and translate them into practical architectural guidance engineering controls and platform capabilities.
Partner with developers to improve the safe and scalable use of AI throughout the software development lifecycle including AI-assisted tools and emerging workflows.
Build When It Matters
Prototype and deliver initial production-ready implementations for strategic initiatives establishing patterns for broader adoption.
Contribute to security incident response investigations and remediation when needed.
5+ years of Software Engineering experience to include building and shipping production software.
Strong programming fundamentals in at least one modern language with aptitude to quickly learn others.
Experience performing application security reviews threat modeling or security design reviews.
Experience designing building or securing cloud-native applications and distributed systems.
Strong understanding of cloud security IAM CI/CD containers infrastructure-as-code and software supply chain security.
Experience influencing engineering organizations through technical leadership and architectural guidance.
Strong systems thinking sound judgment and the ability to reason about architecture scale operational risk and engineering tradeoffs while operating effectively in ambiguous fast-moving environments.
Ability to translate security risk into business and engineering terms and to influence decisions at the leadership level without direct authority.
Experience securing cloud-native infrastructure in AWS environments.
Experience designing or implementing enterprise-facing capabilities such as SAML SCIM RBAC audit logging or customer-facing security controls.
Experience building security automation developer tooling or internal platforms that improved engineering velocity and security outcomes.
Experience building operating or securing AI-enabled products agents MCP servers or retrieval systems.
Experience building or scaling a Product Security or Security Engineering function in a high-growth technology company.
Skills Required
- 5+ years of Software Engineering experience building and shipping production software.
- Strong programming fundamentals in at least one modern language and aptitude to learn others quickly.
- Experience performing application security reviews threat modeling or security design reviews.
- Experience designing building or securing cloud-native applications and distributed systems.
- Strong understanding of cloud security IAM CI/CD containers infrastructure-as-code and software supply chain security.
- Experience influencing engineering organizations through technical leadership and architectural guidance.
- Strong systems thinking sound judgment and ability to reason about architecture scale operational risk and engineering tradeoffs.
- Ability to translate security risk into business and engineering terms and influence leadership without direct authority.
- Experience securing cloud-native infrastructure in AWS environments.
- Experience designing or implementing SAML SCIM RBAC audit logging or customer-facing security controls.
- Experience building security automation developer tooling or internal platforms that improved engineering velocity and security outcomes.
- Experience building operating or securing AI-enabled products agents MCP servers or retrieval systems.
- Experience building or scaling a Product Security or Security Engineering function in a high-growth technology company.
Compa Compensation & Benefits Highlights
- Healthcare Strength—Health coverage is positioned as comprehensive with employer-covered employee premiums for medical dental and vision plus wellness resources and access to an onsite gym in some locations.
- Leave & Time Off Breadth—Time off includes generous PTO paid holidays a company-wide winter break and generous parental leave.
- Equity Value & Accessibility—Compensation highlights include competitive base salary alongside stock options/equity signaling accessible ownership as part of total rewards.
Compa Insights
What We Do
Compa is a venture-backed SaaS startup revolutionizing the future of compensation. In a dynamic job market with hiring challenges accountability and the rise of AI companies need the best data to stay ahead of industry changes competition and costs. Compa has developed the premier real-time compensation data platform delivering top-tier compensation intelligence to leading enterprise teams. Compa is a compensation intelligence company built to augment enterprise compensation teams in the era of AI. Our customers include the world’s biggest companies: Apple NVIDIA Tesla Mastercard T-Mobile Sanofi Moderna Gilead Sciences and more.
Why Work With Us
Compa is reimagining how companies win with pay—building tools that make compensation more fair transparent and data-driven. You’ll join a mission-driven remote-first team that values ownership low ego and real impact. If you want to shape the future of work this is the place.
Gallery
Compa Offices
Hybrid Workspace
Employees engage in a combination of remote and on-site work.
Compa headquarters are located in Irvine California with growing sites in Denver Colorado and San Francisco California. We’re a collaborative curious and driven team that values transparency ownership and continuous learning.
Similar Jobs
Compa
Enterprise Account Executive
Explore More
Date Posted
07/10/2026
Views
0
Similar Jobs
Senior Manager, GTM Sales Engineer & AI solutions - Toast
Views in the last 30 days - 0
View Details