Security Engineer

About 1001

1001 builds AI-powered operational intelligence for the world's most complex, data-heavy environments. We turn fragmented data into a live, unified model of operations and use it to drive better decisions and solve high-stakes problems. Our work sits inside government and large enterprises, in environments defined by critical operations and messy, real-world data.

Our engagements start with forward-deployed teams embedded in the customer environment. They work on real data, build quickly, and iterate until the system proves itself, then scale it across the organization.

The company is backed by Lux Capital, General Catalyst, civ, Hanabi, Sanabil, and 9Yards, with angels including Chris Re, Amjad Masad, Karim Atiyeh, Kareem Amin, and Russell Kaplan.

Working at 1001

We take on high-stakes problems in environments where mistakes carry real consequences. That demands an uncompromising bar, real speed, and systems that hold up under live operations. The people who thrive set that bar for themselves and keep raising it. They own outcomes end to end, bring rigor to everything, and lift everyone around them.

About the role

Because we operate inside governments and large enterprises, security is not a back-office function here. It is part of how we earn the right to handle a customer's most sensitive operational data, and often part of how we win the deal in the first place.

You will own security end to end: across the product, the infrastructure, our cloud environments, and the corporate systems the engineering team only covers at a surface level today. You will also be the person in the room with enterprise security teams, leading the reviews, questionnaires, and procurement conversations that decide whether a deployment moves forward.

This is a hands-on role for someone who builds the controls rather than only writing the policy. You will set the security bar for the company from the ground up, decide where the real risk is, and put preventative controls in place before an incident forces the issue.

What you'll work on

• Own security across the product, infrastructure, cloud environments, and corporate systems, beyond what the engineering team can cover today.
• Secure company-wide accounts and identity, including Google Workspace, Microsoft, Slack, GitHub, cloud accounts, identity providers, password managers, device policies, and access controls.
• Establish 1001's internal security practices as a company.
• Lead customer-facing security reviews, questionnaires, and procurement conversations with enterprise security teams.
• Define and implement security controls, threat models, and policies, and build secure-by-default patterns into the platform and deployment workflows.
• Drive compliance work across soc 2, iso 27001, and regional equivalents.
• Respond to incidents, investigate risk, and put preventative controls in place.

Requirements

• 5 or more years in security engineering, with significant time in product or cloud security at a B2B or enterprise SaaS company.
• Strong with cloud security on aws, gcp, or Azure, plus application security and identity and access.
• Credible and comfortable in customer-facing security and compliance conversations.
• Hands-on, shipping the controls yourself.
• AI-specific risk experience, including data handling, model and prompt security, and agentic systems.