Staff Security Engineer

Who we are At Twelve Labs, we are pioneering the development of cutting‑edge multimodal foundation models that have the ability to comprehend videos just like humans do. Our models have redefined the standards in video‑language modeling, empowering us with more intuitive and far‑reaching capabilities, and fundamentally transforming the way we interact with and analyze various forms of media. With a remarkable $107 million in Seed and Series A funding, our company is backed by top‑tier venture capital firms such as NVIDIA’s NVentures, NEA, Radical Ventures, and Index Ventures, and prominent AI visionaries and founders such as Fei‑Fei Li, Silvio Savarese, Alexandr Wang and more. Headquartered in San Francisco, with an influential APAC presence in Seoul, our global footprint underscores our commitment to driving worldwide innovation. We are a global company that values the uniqueness of each person’s journey. It is the differences in our cultural, educational, and life experiences that allow us to constantly challenge the status quo. We are looking for individuals who are motivated by our mission and eager to make an impact as we push the bounds of technology to transform the world. Join us as we revolutionize video understanding and multimodal AI. About the Role TwelveLabs is looking for a Staff Security Engineer to join our security team, working directly alongside our lead security engineer to mature and scale our security program. This is a generalist role with broad scope; you'll move fluidly across application security, cloud infrastructure, CI/CD pipelines, and AI/ML‑specific threats. This isn’t a SOC role. You won’t be living in an alert queue. You’ll be hands‑on: identifying risks, building and improving controls to mitigate those risks, and partnering cross‑functionally with engineering and infrastructure teams to make security a natural part of how we build and ship. As a fast‑moving AI company, we’re also tackling security problems with limited established precedent: securing model weights, ML pipelines, and training infrastructure alongside more traditional domains. If you’re energized by emerging threats, like to understand systems deeply, and want real impact at a company building cutting‑edge video AI, this role was built for you. U.S. Citizenship is required as this role involves access to systems and infrastructure subject to U.S. government security requirements. Location: We are currently only considering candidates based in the Pacific Time Zone (PT). Candidates must be able to travel up to 10% of the time annually to attend conferences, off‑site meetings, and other business‑related events as required by the role. This role may require participation in on‑site interviews and/or completion of in‑person onboarding processes. In this role, you will Partner with the lead security engineer to identify risk, build controls, and drive security initiatives across the organization Perform security assessments, penetration testing, and code reviews to find and remediate vulnerabilities across our applications and infrastructure Integrate security tooling and controls into CI/CD pipelines and software development workflows, shifting security left without slowing teams down Help design and enforce cloud security architecture across our AWS environment, including IAM, WAF, network segmentation, encryption, and runtime threat detection Develop and continuously improve security monitoring, logging, and alerting capabilities to support incident detection and response Participate in the security on‑call rotation and assist with incident response and investigation as needed Contribute to compliance efforts across SOC 2, GDPR, CMMC/NIST, etc., including audit support and policy development Help secure AI/ML pipelines, model training infrastructure, and model artifacts including weights and deployment code Build and maintain internal security tooling and automation to scale our program without scaling headcount Partner with engineering, infrastructure, and IT to embed security practices directly into development and delivery workflows You may be a good fit if you have Bachelor's or Master's in Computer Science, cybersecurity, or equivalent experience 8+ years in security, with hands‑on experience across multiple domains rather than a single specialty Proven experience with cloud infrastructure security on AWS, including multi‑account design, IAM, network segmentation, and runtime threat detection Solid understanding of Linux, networking, security monitoring, intrusion detection & response, authentication and access control, and security protocols Proven experience with web application security assessments and penetration testing Experience with Terraform or other IaC/configuration management tools Familiarity with compliance frameworks like SOC 2, GDPR, and CMMC, including audit support Experience building internal security tooling Familiarity with securing AI/ML pipelines, model training infrastructure, or model artifacts (weights, serving infrastructure, or deployment code) Strong communication skills and the ability to drive security initiatives cross‑functionally without direct authority Preferred Qualifications Have experience securing Kubernetes environments Have hands‑on experience implementing and administering a cloud security platform like Wiz or Tenable for security posture management, workload protection, and vulnerability visibility Have hands‑on offensive security or red team experience Have worked at an AI or ML company and understand the threat landscape around model artifacts and pipelines Run a home lab or pursue self‑directed security research in your spare time Benefits and Perks An open and inclusive culture and work environment. Work closely with a collaborative, mission‑driven team on cutting‑edge AI technology. Full health, dental, and vision benefits. Extremely flexible PTO and parental leave policy. Office closed the week of Christmas and New Years. #J-18808-Ljbffr Twelve-Labs