Lead Security Engineer

Stuut is transforming accounts receivable for B2B companies—making collections smarter and faster for companies that have historically relied on manual processes that are labor intensive and costly. Our platform is gaining traction with finance teams across industrials, chemicals, and manufacturing sectors from Fortune 10 brands to scaling midmarkets. We're backed by top-tier investors including a16z, Khosla, Activant, 1984 Ventures and Page One.

We're hiring a Lead Security Engineer to build Stuut's security foundation from the ground up. You'll be our first security hire, working directly with our engineering and product teams to embed security into every layer of our platform—from how we handle sensitive financial data to how we architect our systems for trust and resilience.

This is a high-impact role for someone who can think strategically, execute decisively, and deliver measurable results. You'll shape our security culture, define our security roadmap, and build the trust that lets enterprise customers confidently move their workflows to Stuut. You're not just implementing controls, you're becoming the security conscience of a rapidly scaling fintech startup.

What You’ll Do

• Own our security posture - assess current risks, design and implement security controls across application, infrastructure, and data layers, and continuously improve our defenses as we scale

• Drive compliance and customer trust - lead efforts toward SOC 2, ISO27001, and other security certifications that enterprise customers require; handle security questionnaires, audits, and customer security reviews

• Embed security in the development lifecycle - work alongside product and engineering to conduct threat modeling, security reviews, and code analysis; champion secure coding practices and help developers build security in from day one.

• Implement security tooling and monitoring process - implement and/or partner with our security vendor in conducting, security penetration testing and monitoring while operating efficiently as a team of one

• Be the voice of security - educate the team on security best practices, create training materials, and build a security-aware culture across Stuut

You Might Be a Fit If You…

• Have 7+ years of experience in application security, cloud security, or security engineering roles, with at least 3 years in a leadership or senior IC capacity

• Have built security programs from scratch or been an early security hire at a high-growth startup

• Possess deep expertise in securing modern web applications on cloud infrastructure (AWS, GCP, or Azure)

• Understand financial services security requirements and compliance frameworks like SOC 2, PCI-DSS, or similar standards

• Can communicate security risks and trade-offs clearly to technical and non-technical audiences, from engineers to executives to customers

• Thrive in ambiguity and can prioritize ruthlessly, you know how to balance perfect security with shipping fast in a startup environment

Compensation

• Top-of-market salary and equity package

• Benefits (for U.S.-based full-time employees)

• Medical, dental & vision insurance coverage for you

• 401(k) & Match

• Equity

• Flexible PTO

• Parental Leave