ForgeApply
Try it free

ForgeApply · Job listing

Senior Security Engineer

Later

Remote · Boston, MA; Chicago, US$145k – $175k

Apply in about a minute — without sacrificing quality.

ForgeApply autofills this application and tailors your resume to this exact posting. You review everything before it's sent. Free trial, no card required.

About this role

Later is the world’s most intelligent influencer marketing company, built to give brands the confidence to create unforgettable campaigns. By combining real creator relationships, trusted intelligence, and expert guidance, Later removes fear and guesswork from one of marketing’s most visible investments.

Built on a native, AI-powered platform and more than a decade of proprietary data—including billions of social interactions, impressions, and $2.4B+ in verified influencer-driven purchases—Later helps teams understand what will work before they launch.

By combining trusted insight with expert guidance, Later removes guesswork from influencer marketing, enabling brands to choose the right creators, execute fully managed campaigns, and drive meaningful growth across awareness, engagement, and revenue. Trusted by leading enterprise brands including Nike, Wayfair, Unilever, and Southwest Airlines, Later bridges creativity and performance so campaigns don’t just look good—they deliver results. Learn more at later.com .

Senior Security Engineer

Remote, United States

About this position:

We're looking for a Senior Security Engineer to strengthen Later's company-wide security posture through hands-on engineering, thoughtful collaboration, and pragmatic standards. This role blends deep security expertise with strong software engineering skills, with a focus on application security, cloud and infrastructure security, secure development practices, vulnerability management, compliance enablement, and security improvements across our corporate systems and business operations. You'll partner closely with teams across Engineering, Infrastructure, Product, IT, Legal, People, Finance, and other business functions to embed security into Later's systems, tools, workflows, and operating practices. A core focus of this role is helping Later mature its security capabilities in support of SOC 2 and other compliance expectations through practical controls, automation, evidence-ready processes, and clear guidance that works across the company. This role is ideal for a senior security practitioner who thinks like a defender, builds like a software engineer, and leads through influence across both technical and non-technical teams.

What you'll be doing:

Company-Wide Security Strategy & Compliance

• Assess and continuously improve Later's overall security posture across applications, infrastructure, cloud environments, corporate systems, vendor tooling, and business workflows.

• Define and implement scalable security standards, best practices, and guardrails that support SOC 2 readiness through practical, automated, and auditable solutions.

• Partner with Engineering, Infrastructure, IT, Product, Legal, People, Finance, and business leaders to align security priorities with company goals, risk reduction, and delivery timelines.

• Translate SOC 2 and related compliance requirements into sustainable technical and operational controls, procedures, and evidence collection practices.

• Identify security gaps across the company, prioritize remediation efforts, and help teams make pragmatic, risk-based decisions.

• Support company-wide security awareness, secure operating practices, and adoption of security controls across business teams.

Technical Execution

• Build and maintain internal security tools, automation, and services that support secure development, compliance workflows, vulnerability management, corporate security operations, and operational visibility.

• Design and implement security controls within CI/CD pipelines, including secure build and deploy patterns, security scanning, dependency management, container scanning, and secret management.

• Support application security efforts, including secure design reviews, threat modeling, code review guidance, API security, microservices security patterns, and remediation planning.

• Improve cloud infrastructure and corporate systems security through hardening, monitoring, configuration review, Infrastructure-as-Code security scanning, access reviews, and secure operational patterns.

• Collaborate with technical and business teams to identify vulnerabilities and control gaps, explain impact clearly, and drive effective remediation.

• Strengthen security observability and response readiness through logging, alerting, detection engineering, incident response improvements, and company-wide security process maturity.

Collaboration & Enablement

• Partner with teams across the company to identify, understand, and fix security issues in a collaborative, non-blocking way.

• Provide pragmatic security guidance on designs, implementations, vendor tools, operational practices, and business workflows.

• Communicate security risks, tradeoffs, and recommendations clearly across technical and non-technical audiences.

• Embed security into development workflows, corporate systems, and company operating practices without slowing teams unnecessarily.

• Support SOC 2 and related compliance efforts through automation, well-defined controls, reliable evidence practices, and cross-functional coordination.

What success looks like:

• Within the first 90 days, you've completed a security posture assessment, identified the highest-priority gaps, and have a remediation roadmap that's been reviewed and socialized with key stakeholders across Engineering, IT, and Leadership.

• By 6 months, core SOC 2 controls are documented, automated where possible, and evidence collection is running reliably without manual heroics from any single team.

• Security is embedded into Later's CI/CD pipelines, with scanning, secret management, and container security integrated and maintained as a standard part of the development lifecycle.

• Teams across Engineering, IT, and the business have a clear point of contact for security questions, a shared understanding of the risk landscape, and security guidance that helps them move faster, not slower.

• Later's security observability has

Ready to apply to Later?

Apply in about a minute

Similar jobs

More like this: Security & Cybersecurity Jobs · Remote Security & Cybersecurity Jobs · Security & Cybersecurity Jobs in San Francisco · Browse all jobs