About the Role: Your Mission as Our Security Architect
Penguin Ai is searching for a highly technical, hands-on Security Architect to lead our security engineering and compliance initiatives. Let's be crystal clear: this is NOT a CISO role. We need someone who thrives in the technical trenches, someone who lives and breathes code, while still keeping a strategic eye on the horizon.
Think of it this way: you'll be spending 80% of your time with your hands in the dirt (or rather, in the code!) doing actual security work, and 20% on the crucial management and coordination that keeps our ship tight.
This role is paramount as we partner with major Healthcare Enterprises and navigate a labyrinth of compliance frameworks. We're looking for someone with true startup DNA – a quick-moving, multi-hat-wearing wizard who can embed security into our very core, not just bolt it on as an afterthought.
Your Day-To-Day Superpowers: What You'll Actually Do:
Security Engineering & Assessment; The Sentinel's Watch:
- Pen-Test Pro: Regularly raid our own infrastructure and applications with security assessments and penetration tests. Find the weaknesses before the bad guys do!
- Cloud Guardian (AWS): Implement and maintain iron-clad security controls for our cloud infrastructure and all our endpoints
- DevSecOps Maestro: Design, build, and maintain our DevSecOps pipelines and tooling, making security an effortless part of our development flow
- Code Review Crusader: Perform security code reviews and squash vulnerabilities in production code (React, Python, FastAPI) like a bug-busting superhero
- AI Defence Strategist: Implement robust security guardrails for our cutting-edge LLM-based agentic workflows and AI systems
Compliance & Risk Management; The Rulebook Revolutionary:
- Compliance Captain: Own and meticulously maintain our SOC2 Type 2, ISO 27001, and HIPAA compliance programs
- DDQ Dragon-Slayer: Conquer those daunting Security Due Diligence Questionnaires (DDQs) from our Healthcare Enterprise customers with precision and expertise
- Cross-Functional Connector: Coordinate seamlessly across our engineering, product, and operations teams to weave security controls into every fibre of our platform
- Vendor Whisperer: Manage relationships with security vendors and external auditors, ensuring we always have the best allies
Developer Enablement; The Security Sensei:
- Code Review Mentor: Review and fix security vulnerabilities in code written by other developers, turning potential threats into learning opportunities
- OWASP Jedi: Train development teams on OWASP Top 10 and secure coding practices
- Security Trainer: Conduct engaging security training sessions to level up everyone's game
- Proactive Protector: Embed security best practices into every stage of the development lifecycle
Incident Response; The First Responder:
- Incident Commander: Own our incident response processes from start to finish
- Root Cause Analyst: Dive deep to conduct thorough root cause analyses for security incidents
- Communication Czar: Manage customer communications during security events with transparency and policy adherence
- Preventative Pioneer: Implement measures to prevent future incidents based on lessons learned
Management Responsibilities (Your 20% Strategic Edge):
- Strategic Reporter: Report directly to the Head of Engineering (Co-founders) on risk assessments and our overall security posture
- Audit Ace: Provide oversight and spearhead external compliance audits
- Update Oracle: Deliver weekly security updates to management, keeping everyone informed
- Policy Perfector: Review and update security policies and procedures (no need to author from scratch – you're refining the masterpiece!)
What We're Looking For: Your Security Arsenal!
We need someone with an extraordinary combination of:
- Seasoned Security Veteran: 6+ years of hands-on information security experience
- Cloud Commando (AWS): Deep expertise in cloud security, specifically AWS
- Python Powerhouse: Strong proficiency in Python and the ability to write and review secure code like it's second nature
- Tech Stack Titan: Experience with React, FastAPI, Docker, Kubernetes, GitHub, and Ubuntu
- Penetration Test Pro: A proven track record of conducting penetration tests and vulnerability assessments
- DevSecOps Driver: Hands-on DevSecOps implementation experience that makes security seamless
Compliance & Governance; Your Strategic Blueprint:
- SOC2/ISO 27001 Architect: Direct experience implementing and maintaining SOC2 Type 2 and ISO 27001 programs
- HIPAA Hero: HIPAA compliance experience in healthcare or other regulated environments
- DDQ Dynamo: Experience responding to complex customer security questionnaires and RFPs
- Framework Fanatic: Working knowledge of key security frameworks (NIST, CIS, etc.)
AI/LLM Security; Your Futuristic Vision:
- LLM Guardian: A solid understanding of Large Language Model (LLM) security risks and guardrails
- AI/ML Pipeline Protector: Experience securing AI/ML pipelines and agentic systems
- Responsible AI Advocate: Familiarity with AI safety and responsible AI practices
Soft Skills; Your Secret Sauce:
- Cross-Functional Communicator: Excellent communication skills for seamless cross-functional collaboration
- Global Team Player: Comfortable working with globally distributed teams, especially in India
- Self-Starter Samurai: A self-starter mentality with strong ownership – you don't wait to be told
- Security Storyteller: Ability to translate complex security concepts into understandable, engaging language for non-technical stakeholders
Your Tech Stack!
- Languages: Python, JavaScript/React
- Frameworks: FastAPI, PyTorch
- Infrastructure: AWS, Docker, Kubernetes, GitHub Actions
- AI/ML: Various LLM platforms and agentic frameworks
- OS: Ubuntu Linux
- Security Tools: You’ll help us select and implement
Bonus Points: Your Secret Weapons!
- Have battled (and won!) in a startup or high-growth environment
- Hold relevant security certifications (CISSP, CEH, OSCP, GIAC, etc.) - your badges of honour!
- Have prior experience in healthcare technology or regulated industries
- Have experience managing distributed security teams
- Possess a background in both offensive and defensive security - you know how to think like the enemy and build impenetrable defences
The Culture Fit: Join Our Colony!
You'll waddle with us if:
- You like your coffee with a side of delightful chaos
- You're fuelled by complexity and obsessed with delivering amazing results
- You enjoy wearing multiple hats (sometimes on the same Zoom call)
- You believe customer success is more than just "support tickets" — it’s long-term impact
Education & Qualifications: Brainiac Basics
A Bachelor's degree in Computer Science, Engineering, Data Science, or a related field
Comp & Perks: Because Even Superheroes Need Support!
- Competitive salary: We reward greatness!
- Medical, vision, and dental coverage: Keep you healthy and smiling!
- Generous vacation policy and company holidays: Recharge and conquer!
- A front-row seat in one of healthcare's most exciting AI companies – witness history in the making!