Senior Software Engineer - Platform and Infrastructure (Security)
Job description
You'll own the security posture of the entire platform that Monaco runs on, and a great deal of the Monaco product itself - and you'll get to define it from first principles, not retrofit it onto legacy debt. This is a rare wear-many-hats role that spans company-wide compliance, secure system design across both product and infrastructure, software supply chain security, and the hands-on evaluation and extension of our core systems for defense in depth. You'll be the person who makes "secure by default" the path of least resistance for a fast-moving engineering team handling sensitive revenue data at scale.
- Own company-wide compliance. Drive our compliance program (SOC 2 and beyond) end-to-end with Vanta, turning controls into automated, continuously-verified guardrails rather than point-in-time checkbox exercises.
- Lead secure system design. Set the bar for secure-by-default architecture across product and infrastructure - threat modeling, least privilege, secrets management, encryption, and defense in depth baked into how we build.
- Secure the software supply chain at scale. Own dependency and container image scanning, artifact integrity, vulnerability response SLAs, and CI/CD pipeline hardening across a multi-account, GitOps-driven environment.
- Re-architect core infrastructure for security. Evaluate and harden our key systems - VPCs and network segmentation, Kubernetes, and databases - for stronger isolation, encryption, and least-privilege access.
- Run the external security program. Procure and orchestrate penetration tests, web and vulnerability scanning vendors, and third-party compliance audits - and own remediation through to closure.
- Embed security into the team. Partner across engineering so security accelerates shipping instead of blocking it, and grow into the technical authority on how Monaco protects its platform and customers.
Requirements
Do you have experience in Web Application Security Testing?
- Deep experience securing cloud-native infrastructure on AWS - IAM, KMS/encryption, networking, and multi-account architectures.
- Strong track record with Kubernetes, Terraform (or comparable IaC), and securing CI/CD and GitOps pipelines.
- Hands-on with compliance frameworks (SOC 2) and tooling (Vanta or similar), and comfortable running audits, pen tests, and vendor security reviews.
- A genuine defense-in-depth mindset - threat modeling, least privilege, secrets management, and software supply chain security come naturally to you.
- Ability to ramp quickly and move fast without hand-holding.
Nice to Have
- Experience with cloud security monitoring and detection (GuardDuty, CloudTrail, AWS Config, WAF, or SIEM tooling).
- Database security depth - encryption at rest/in transit, audit logging, and managed PostgreSQL.
- Zero-trust networking experience and familiarity with private-network access models.