Senior Security Engineer
Vanilla
Location: Remote
Employment Type: Full time
Location Type: Remote
Department: Engineering
Compensation: Estimated Base Salary $180K – $210K • Offers Equity • Offers Bonus
About Us
We’re a startup with big ambitions: to make estate planning modern, visual, and intelligent. Vanilla is the first AI-powered estate advisory platform, built by advisors, planners, and attorneys to transform how wealth is transferred across generations. Our technology unifies scenario modeling, client visualization, and document creation into one seamless, digital experience.
Our team brings together diverse subject matter expertise across estate planning, wealth management, and scaling SaaS startups. We’re distributed across the U.S., with a mix of fully remote and hybrid roles, and we embrace flexibility while staying closely connected. At Vanilla, you’ll join curious builders and problem-solvers who thrive on speed, autonomy, and impact. Here, you won’t just join a company, you’ll help create it. If you’re excited to tackle hard problems, move quickly, and see your work shape both an industry and a growing startup, we’d love to meet you.
Working Location
This role is a remote position; you must be based in one of the following states: California, Colorado, Connecticut, Florida, Georgia, Idaho, Illinois, Kentucky, Maine, Massachusetts, Minnesota, New Jersey, New York, Ohio, Pennsylvania, Rhode Island, South Carolina, South Dakota, Texas, Utah, Virginia, Washington, or Washington, D.C.
Job Summary
We’re looking for a Senior Security Engineer to help us scale and strengthen our security posture across infrastructure, product, and operations. You’ll work cross-functionally with engineering, product, legal, and compliance teams to ensure our systems meet the highest standards, particularly around frameworks like SOC 2. You’ll also play a hands-on role in proactively identifying vulnerabilities, improving our internal and cloud security processes, and occasionally assisting with customer-facing security conversations.
This role is ideal for someone who enjoys solving complex technical security problems, building scalable tools and processes, and collaborating across teams to drive security initiatives forward.
Responsibilities:
Cloud & Infrastructure Security (Primary)
- Design and implement security architecture for cloud environments (AWS/GCP/Azure)
- Manage identity and access management (IAM) policies, service accounts, and privilege escalation controls
- Implement network security controls (VPCs, security groups, WAF, DDoS protection)
- Secure CI/CD pipelines and container orchestration (Kubernetes/ECS security)
- Monitor and respond to cloud security events using SIEM/SOAR tools
- Conduct threat modeling and security reviews for infrastructure changes
- Manage secrets management, key rotation, and encryption at rest/in transit
AI/ML Security (Primary)
- Secure AI model training pipelines and inference endpoints
- Implement controls against prompt injection, jailbreaking, and model manipulation
- Establish data governance for sensitive training data (PII/PHI in estate/financial documents)
- Design secure embedding and vector database architectures
- Monitor for model abuse, data exfiltration, and adversarial attacks
- Implement guardrails and content filtering for AI outputs
- Assess third-party AI vendor security (OpenAI, Anthropic, etc.)
Compliance & Governance
- Support SOC 2, ISO 27001, or relevant compliance frameworks
- Document security controls, runbooks, and incident response procedures
- Conduct vendor security assessments
- Participate in customer security questionnaires and audits
- Act as a security point of contact to address customer needs (e.g., answering questionnaires or describing controls)
Required Qualifications:
Must Have:
- 5-7+ years in security engineering roles
- 3+ years securing cloud environments (AWS/GCP/Azure) in production
- Strong understanding of IAM, network security, encryption, and secrets management
- Experience with infrastructure-as-code security (Terraform, CloudFormation)
- Container and Kubernetes security experience
- Hands-on experience with security tools (SIEM, vulnerability scanners, CSPM)
- Demonstrated experience with security assessments: threat modeling, secure code review, vulnerability detection, and remediation
- Experience working within compliance frameworks (e.g., SOC 2, ISO 27001) and collaborating with legal, compliance, and engineering teams
- Clear and effective communicator, able to explain technical security concepts to both technical and non-technical audiences
Candidates must be legally authorized to work in the United States without the need for sponsorship now or in the future. Vanilla is unable to provide visa sponsorship at this time.
AI/ML Security (can mentor into, but some exposure needed):
- Understanding of LLM security risks (OWASP Top 10 for LLM)
- Experience securing APIs serving ML models
- Familiarity with data privacy in ML contexts (anonymization, data minimization)
- Bonus: Experience with RAG architectures, vector databases, or embedding security
Nice to Have:
- Experience in fintech, healthcare, or other regulated industries handling sensitive data
- Startup/scale-up experience (wearing multiple hats)
- Prior incident response or forensics work
The salary range for this role is $180,000 to $210,000. Our compensation packages also include a performance-based bonus and equity. Compensation is based on a number of factors and may vary depending on job-related knowledge, skills, and experience.
Benefits:
- Flexible paid time off policy and 10 company-wide paid holidays
- Parental leave: 4 weeks for all full-time employees and up to 12 weeks for birthing parents
- Medical, dental, and vision benefits coverage for employees and their families
- 401(k) eligibility after one month of employment
- Free estate planning documents
- Budget for learning & development and home office setup
- Paid parking or transit for hybrid and in-office employees
Vanilla Technologies Inc. (dba "Vanilla") provides equal employment opportunities to all employees and applicants for employment and prohibits discrimination and harassment of any type without regard to race, color, religion, age, sex, national origin, disability status, genetics, protected veteran status, sexual orientation, gender identity or expression, or any other characteristic protected by federal, state or local laws. This policy applies to all terms and conditions of employment, including recruiting, hiring, placement, promotion, termination, layoff, recall, transfer, leaves of absence, compensation and training.
Vanilla participates in E-Verify and will provide the federal government with your Form I-9 information to confirm that you are authorized to work in the U.S.