Clera - Your AI talent agent
Paragon logo
Paragon
Senior Security Engineer
full-timeLos Angeles

Summary

Location

Los Angeles

Type

full-time

Company links

WebsiteLinkedInLinkedIn
Explore Jobs

About this role

About Paragon

Paragon is an embedded integration infrastructure platform for B2B SaaS and AI products. Engineering teams use Paragon to build native, user-facing product integrations that connect their apps to their customers’ third-party tools (like Salesforce, Slack, Google Drive, and hundreds more) without having to manage auth, rate limits, or custom integration plumbing themselves.

Our platform provides the building blocks for every integration - 130+ native connectors plus a custom integration builder, a fully embeddable Connect Portal SDK, multi-tenant architecture, and flexible deployment options including cloud and on-prem. Teams can orchestrate complex workflows and automations using our suite of products: Managed Sync for fully managed data ingestion, ActionKit as a universal API for real-time actions, and Workflows for event-driven automations and integration logic.

We’re trusted by hundreds of SaaS companies to help them ship every integration their customers need with a fraction of the engineering effort.

About the role

We’re hiring our first dedicated security hire to own security end-to-end across our product, infrastructure, and organization. You’ll be both a hands-on security engineer and the security lead who sets direction, defines standards, and builds the foundation of our security program.

You’ll partner closely with engineering, product, and GTM teams to keep our platform and customer data safe, while also unblocking enterprise deals and strengthening our security posture as we scale.

If you enjoy building security programs from (almost) scratch, influencing without heavy process, and still getting deep into the technical details, this role is for you.

What you’ll own

  • Company-wide security posture across application, infrastructure, and internal systems

  • Secure SDLC: how we design, build, test, and release secure software

  • Cloud & infrastructure security in our AWS, GCP, and Azure environments

  • Vulnerability management: from discovery to prioritization and remediation

  • Security governance & compliance, including SOC 2, HIPAA, and customer requirements

  • Incident readiness & response, including playbooks, tooling, and training

  • Security story for customers: helping sales and customer success win and retain larger customers

What you’ll do

Product & application security

  • Partner with engineering and product to design secure architectures and features.

  • Introduce and maintain a secure SDLC: threat modeling, design reviews, secure coding guidelines.

  • Implement and manage tooling such as SAST/DAST, dependency and container scanning integrated into CI/CD.

  • Triage and prioritize vulnerabilities; drive remediation with engineering teams.

Cloud & infrastructure security

  • Harden our cloud environment (e.g., AWS IAM, VPCs, security groups, KMS, secrets management).

  • Define and enforce secure-by-default baselines using infrastructure-as-code (e.g., Terraform).

  • Establish logging, monitoring, and alerting for key security events.

  • Collaborate with platform/infra engineers to build guardrails instead of gates.

Governance, risk, and compliance

  • Own and evolve core security policies (access control, change management, incident response, vendor management, etc.).

  • Lead our SOC 2 program (and future frameworks as needed): mapping controls, evidence, and audits.

  • Run access reviews and vendor security reviews on a regular cadence.

Incident response & readiness

  • Define and maintain incident response plans, runbooks, and playbooks.

  • Lead incident investigations when they occur and coordinate cross-functional response.

  • Run tabletop exercises and post-incident reviews; ensure learnings translate into durable improvements.

Security culture & customer trust

  • Provide training and enablement for engineers and staff on secure practices.

  • Be the security point of contact for customer questionnaires, RFPs, and enterprise security reviews.

  • Help sales and customer success articulate our security posture clearly and credibly.

What success looks like in 6 - 12 months

  • We have a clear view of our crown jewels, data flows, and key risks, documented and understood.

  • Core cloud and application security baselines are in place and enforced via code.

  • The secure SDLC is embedded into our development process with practical, lightweight checks.

  • We have a structured vulnerability management process with agreed SLAs and strong engineering partnership.

  • Our SOC 2 (or equivalent) program is running smoothly, with repeatable evidence collection.

  • Sales and customer success feel confident bringing you into enterprise security conversations.

About you

Experienced security engineer

  • ~5+ years in security engineering or related roles (AppSec, Infra/Cloud Sec, Product Security).

  • Strong experience securing cloud-based SaaS products in production.

Cloud & infra security

  • Deep hands-on experience with [AWS/GCP/etc.] security primitives (IAM, VPC, KMS, security groups, CloudTrail/CloudWatch, etc.).

  • Comfortable working with infrastructure-as-code (Terraform or similar).

Application & product security

  • Strong understanding of common web and API vulnerabilities (OWASP Top 10, real-world exploit patterns).

  • Experience working with product/engineering teams to prevent issues by design, not just fix them later.

Security tooling & automation

  • Experience deploying and tuning security scanners and monitoring tools.

  • Comfortable scripting in Python, Bash, or similar to automate checks and workflows.

Governance & compliance

  • Hands-on experience with SOC 2, ISO 27001, or similar frameworks (setting up or maintaining controls).

  • Ability to translate technical controls into auditor- and customer-friendly language.

Collaboration & leadership

  • You’re comfortable being the go-to security voice in a growing company.

  • You can influence without heavy process, earning trust with engineers, PMs, and leadership.

  • Strong written and verbal communication skills; you can explain tradeoffs in plain language.

Nice to have

  • Experience as a first or early security hire at a startup.

  • Experience with detection & response (SIEM, EDR, alert tuning).

  • Prior involvement in customer-facing security reviews and complex security questionnaires.

  • Familiarity with privacy and data protection topics (e.g., GDPR) in a SaaS context.

Why this role is exciting

  • Founding scope – You’re not just joining a security team; you’re creating it.

  • High impact – Your work will directly impact our ability to win larger customers and protect high-value data.

  • Growth path – As we scale, this role can evolve into Security Lead / Head of Security, with the opportunity to define future team structure.

Other facts

Tech stack
Security Engineering,Cloud Security,Application Security,Vulnerability Management,Incident Response,Governance,Compliance,Secure SDLC,Infrastructure as Code,Security Tools,Collaboration,Communication,Risk Management,Training,Customer Trust,Security Policies

About Paragon

Paragon is the embedded integration infrastructure powering the customer-facing integrations of hundreds of B2B SaaS products, including Copy.ai, AI21, and OpenPhone.With Paragon, engineering teams are building integrations 7x faster than in-house, across dozens of categories (CRM, file storage, project management, productivity, etc.) and both asynchronous and synchronous use cases. Some common use cases include:- Ingesting customers' external data (for RAG)- Syncing data bidirectionally- Enabling AI agents to automate workflows (tool calling)Paragon has raised over $20M in funding and is based out of Los Angeles, California.

Public Safety

Team size: 585
LinkedIn: Visit
Funding: $22M
Industry: SaaS
Founding Year: 2019

What you'll do

  • You will own the company-wide security posture across application, infrastructure, and internal systems while partnering with various teams to ensure platform and customer data safety. Additionally, you will lead the development of security programs and incident response strategies.

Ready to join Paragon?

Take the next step in your career journey

Frequently Asked Questions

What does a Senior Security Engineer do at Paragon?

As a Senior Security Engineer at Paragon, you will: you will own the company-wide security posture across application, infrastructure, and internal systems while partnering with various teams to ensure platform and customer data safety. Additionally, you will lead the development of security programs and incident response strategies..

Why join Paragon as a Senior Security Engineer?

Paragon is a leading SaaS company.

Is the Senior Security Engineer position at Paragon remote?

The Senior Security Engineer position at Paragon is based in Los Angeles, California, United States. Contact the company through Clera for specific work arrangement details.

How do I apply for the Senior Security Engineer position at Paragon?

You can apply for the Senior Security Engineer position at Paragon directly through Clera. Click the "Apply Now" button above to start your application. Clera's AI-powered platform will help match your profile with this opportunity and guide you through the application process. You can also learn more about Paragon on their website.