Stack AI is a no-code drag-and-drop tool to quickly design, test, and deploy AI workflows that leverage Large Language Models (LLMs), such as ChatGPT, to automate any business process.

Our core value is to make it extremely easy to build arbitrarily complex AI pipelines using a visual interface that allows you to connect different data sources with different AI models.

Our customers use Stack AI to build applications such as:

• Chatbots and Assistants: AI agents that interact with users, answer questions, and complete tasks, using your internal data and APIs.
• Document Processing: apps to answer questions, summarize, and extract insights from any document, no matter how long.
• Answer Questions on Databases: connect GPT-like models to databases (such as Notion, Airtable, or Postgres) and ask questions about them.
• Content Creation: generate tags, summaries, and transfer styles or formats between documents and data sources.

About this role

At StackAI, security is at the heart of empowering companies to build AI assistants quickly and securely. We’re looking for a hands-on security engineer to design and drive our security strategy across infrastructure, applications, and processes. You’ll build and lead a world-class security team, embed security into our development lifecycle, and ensure we meet the highest standards of compliance and customer trust. If you thrive in high-growth environments and want to shape the future of AI security, we’d love to meet you.

Responsibilities

• Design and Implement Security Frameworks
  Drive the creation and execution of security measures across both infrastructure and application layers (Render.com, Vercel, GCP, Azure, Kubernetes), ensuring StackAI remains secure as we scale rapidly.
• Shape the Security Vision
  Define and roll out a comprehensive security strategy, embedding best practices across engineering and product teams to safeguard data and systems.
• Build and Lead the Security Organization
  Recruit, mentor, and manage a high-performing security team while fostering a culture of technical excellence and proactive defense.
• Integrate Security into Development
  Partner with engineering teams to embed security into CI/CD pipelines and the entire software development lifecycle, making security a core part of how we build.
• Manage External Security Partnerships
  Oversee relationships with penetration testing firms, compliance auditors, and security vendors to strengthen our defenses and maintain trust.
• Support Customer and Partner Trust
  Work closely with customer-facing teams to clearly communicate StackAI’s security posture, compliance commitments, and incident response readiness.
• Harden Third-Party Dependencies
  Evaluate and continually improve the security of external tools, APIs, and integrations critical to our platform.
• Lead Incident Response
  Own the security incident response process, coordinating resolution efforts across teams and implementing long-term preventive measures.
• Ensure Compliance and Audit Readiness
  Collaborate with operations and legal teams to prepare for audits (e.g., SOC 2, ISO 27001) and uphold top-tier standards for regulatory and vendor security.

Qualifications

• Proven Security Expertise
  4+ years of hands-on experience in security engineering with success across both infrastructure and application layers.
• Leadership in High-Growth Environments
  Prior leadership experience in scaling tech companies or startups, ideally in roles that bridged strategy and execution.
• Clear and Confident Communication
  Ability to translate complex security concepts into clear language for both technical and non-technical audiences.
• Strong Risk and Threat Management Skills
  Deep background in risk assessment, threat modeling, and vulnerability management.
• Cloud and Infrastructure Mastery
  Practical experience with GCP, Azure, or AWS, combined with a strong understanding of infrastructure and API-level security.
• Secure Development Knowledge
  Familiarity with secure coding practices, especially in JavaScript/TypeScript, Go, and Node.js.
• DevSecOps and Automation
  Experience with modern security tooling and automating testing across build and deployment pipelines.

Our tech stack includes:

• Frontend: Next.js + Tailwind (Typescript)
• Backend: FastAPI + Supabase (Python)
• Databases: PostgreSQL + MongoDB

And we have internally built a super easy-to-use Machine Learning framework tailored to using Large Language Models in a flow-like sequence (akin to Pytorch + Langchain if you are familiar with those). It allows you to seamlessly integrate new functionality into the code base and we are also discussing whether to open-source it since it feels like magic!