Security Engineering Lead

Outset invented a better way to do research: AI-powered user interviews.

Global brands like Hubspot Microsoft Uber and Nestle use Outset to achieve deeper qualitative insights about their users at unprecedented speed and scale.

The research industry is massive (>$140B and growing) and ripe for disruption. Incumbents are outdated slow and burdened by high-cost services. That's our opportunity.

Outset is backed by top Silicon Valley investors and raised a $30M Series B in December 2025—less than six months after our Series A—led by Radical Ventures with participation from M12 (Microsoft’s venture arm) 8VC Y Combinator and Adverb Ventures.

The raise follows a breakout year with our business growing 8x as enterprise customers across industries adopt our category AI‑moderated research as the new standard for understanding people.

We’re a tight-knit team based in San Francisco’s Financial District serving some of the world’s largest enterprises

We’re looking for a Security Engineering Lead who can operate across the full security stack—owning policy governance and compliance while also rolling up their sleeves on hands-on technical work. You’ll be the primary owner of Outset’s security program: setting the policy framework responding to customer security requirements managing our vulnerability posture and partnering closely with engineering to keep our product and infrastructure secure. This is a high-ownership high-impact role for someone who thrives at the intersection of policy rigor and technical depth.

Responsibilities

• Own develop and maintain the company security policy framework ensuring policies are current practical and aligned with compliance requirements (SOC 2 ISO 27001 etc.).

• Develop and maintain security playbooks incident response procedures and standard operating procedures across all security domains.

• Own Outset’s internal IT security program—including assessment administration and implementation of controls across corporate systems endpoints and SaaS tooling.

• Own the customer security questionnaire process: review respond to and track all inbound security assessments from prospects and customers.

• Assess and triage reported security vulnerabilities prioritizing based on risk and directly implementing fixes across production software and infrastructure using hands-on (AI-assisted) coding skills.

• Lead investigations into security alerts and incidents; own the end-to-end response and post-incident review process.

• Design and implement security controls across cloud infrastructure (AWS) corporate systems and endpoints.

• Conduct internal security reviews and threat modeling for new and existing products and features.

• Partner with engineering to embed secure development practices into CI/CD workflows and the SDLC.

• Manage the penetration testing program—scoping engagements coordinating external vendors and driving remediation of findings.

• Build and maintain detection and response pipelines for cloud and application environments; manage SIEM tooling and log analytics.

• Support SOC 2 and other compliance initiatives through technical controls policy documentation and audit evidence collection.

• Manage third-party risk assessments and vendor security reviews.

Qualifications

• 6+ years of experience in security engineering DevSecOps information security or a related role.

• Demonstrated experience authoring and maintaining security policies standards and playbooks.

• Hands-on familiarity with cloud environments (AWS) and modern SaaS tooling stacks.

• Strong understanding of identity management endpoint protection and network security fundamentals.

• Proficiency in scripting or automation (Python Go or similar); comfort using AI-assisted coding tools for production changes.

• Experience managing customer-facing security questionnaires and security review processes.

• Experience running or coordinating penetration testing engagements with external vendors.

• Experience with SIEM detection engineering or log analytics platforms.

• Exposure to compliance frameworks (SOC 2 ISO 27001) and the technical controls that underpin them.

• Excellent communication skills—able to translate complex security concepts for non-technical stakeholders.

• Startup experience or demonstrated comfort operating in fast-moving ambiguous environments.

• Familiarity with securing AI/ML pipelines data infrastructure or internal developer tooling is a plus.

Benefits

• Daily collaboration with founders shaping the core product vision.

• Exposure to and collaboration with design and research leaders at top global brands.

• Competitive cash and equity compensation. Actual compensation packages are based on various factors unique to each candidate including skill set depth of experience and certifications.

Outset is an equal opportunity employer. We celebrate diversity and are committed to creating an inclusive environment for all employees free from discrimination based on race religion color national origin gender sexual orientation age marital status veteran status disability or any other protected class.

What We Do

Outset invented a better way to do research: AI-powered user interviews. We created this new category of research technology and now it's growing wildly. Global brands like Hubspot Microsoft Uber and Nestle use Outset to achieve deeper qualitative insights about their users at unprecedented speed and scale. The research industry is massive (>$140B and growing) and ripe for disruption. Incumbents are outdated slow and burdened by high-cost services. That's our opportunity.

Why Work With Us

Outset is backed by top Silicon Valley investors and raised a $30M Series B in December 2025—less than six months after our Series A with our business growing 8x as enterprise customers across industries adopt our category AI‑moderated research as the new standard for understanding people. We’re a tight-knit team of 30.

Gallery