Senior Security Engineer

About Tabs

Tabs is an AI-powered revenue intelligence platform built for B2B businesses. Our platform uses advanced AI to extract data from complex contracts and automates key revenue workflows—billing, revenue recognition, reporting, and compliance. Customers use Tabs to eliminate manual work, accelerate cash collection, and scale operations with greater flexibility.

We're a Series A startup based in NYC, backed by top-tier investors including Lightspeed and Primary. With $35M in funding and rapid growth, we're building a world-class engineering team to redefine how modern finance teams operate.

How We Work

• Fast cycles. Weekly sprints with defined ship goals, frequent product launches, and tight customer feedback loops.

• Customer-first. We combine real user input with data to inform engineering decisions and continuously refine the product.

• In-person collaboration. Our NYC office is designed for builders—whiteboards, coffee, meals, and a team that values speed, clarity, and execution.

About the Role

We're looking for a software engineer with a strong focus on infrastructure security and compliance to take ownership of our security engineering roadmap. You’ll inherit a solid foundation—SOC 2 certified, automated workflows with Thoropass—and scale it into a resilient, developer-friendly security program.

You’ll work closely with our CTO and engineering team to build secure-by-default systems, automate compliance, and ensure operational readiness as the company grows.

What You’ll Build & Own

• Engineer and maintain real-time observability systems across our AWS infrastructure and production applications.

• Design and implement alerting and incident response workflows, ensuring high availability and fast recovery.

• Automate identity and access controls—including secure onboarding/offboarding, MFA enforcement, and endpoint management—using code, scripts, and APIs.

• Own and scale our compliance infrastructure via Thoropass: automate evidence collection, support audits, and keep policies and controls in sync with actual systems.

• Write and maintain internal security documentation and technical policies that are understandable and actionable by engineers.

• Drive a culture of security across engineering: threat modeling, secure coding practices, and regular reviews.

About You

• 4+ years in a security-focused engineering or DevSecOps role.

• Deep experience working in AWS production environments with services like GuardDuty, Security Hub, CloudTrail, and IAM.

• Comfortable with scripting (Python, Bash, etc.) and building internal tooling to reduce manual work.

• Familiar with compliance platforms like Thoropass, Vanta, or Drata.

• Strong communicator who can make complex security topics understandable to cross-functional teams.

• Bonus: experience with ISO 27001, HIPAA, GDPR, or building towards multiple compliance frameworks.

Perks & Benefits

• Competitive compensation + equity

• Full coverage for health, dental, and vision insurance

• 401(k) plan

• Daily lunch, dinner, and coffee stipend for in-office days

• Pre-tax commuter benefits