Senior Information Security Engineer at Guild.xyz

<div class="content-intro"><p>To thrive as a company and meet our impact goals, we must cultivate a culture of high-performance. You can read about our culture principles <a href="https://guild.com/careers" target="_blank">here</a>.</p> <p>We know managers are often the single-largest driver of employee satisfaction and growth, and our talent is our biggest asset. Because of that, we’ve identified consistent expectations for all of <a href="https://guild.com/careers/people-manager-expectations">Guild’s people managers</a> — helping you know what to expect from your experience here.</p> <p>If you are an Internal Candidate, please apply via our <a href="../../internal_job_board">Internal Job Board</a>. </p> <p>----</p></div><p>Guild is hiring a <strong><strong>Security Engineer</strong></strong>. The Information Security team is looking to add a highly motivated and technically inclined individual to work as a Cloud Security Engineer. We are looking for a candidate that is comfortable working in an exciting and fast paced environment. This individual’s responsibilities will mainly focus on ensuring protection of Guild’s various cloud resources and environments. These efforts will ultimately allow Guild to fulfill its mission while also meeting business objectives and compliance requirements.</p> <p><strong>As a Security Engineer, you will:</strong></p> <ul> <li>Identify security issues and risks with Guild’s systems and environments. Develop and execute remediation/mitigation plans that provide long term risk reduction.</li> <li>Collaborate with cross-functional engineering teams to integrate and advance security standards within a comprehensive enterprise application security program.</li> <li>You will serve as a strategic partner to engineering squads, providing expert guidance on the integration and remediation of findings from SAST, DAST, and SCA tools.</li> <li>You will design and enforce robust security architectures across the company’s AWS ecosystem.</li> <li>Architect and implement security controls for agentic AI systems, including identity, network, and runtime-level defenses (e.g., sandboxing, policy enforcement).</li> <li>Develop comprehensive threat models and conduct realistic threat simulations across Guild's offerings, including LLMs, AI agents, and MCP components.</li> <li>Develop and tune security policy within various security tools and platforms (CNAPP, EDR, Email Gateway, Vulnerability Management, SIEM, etc…).</li> <li>Maintain SOC-2 compliance and assist with audit/client related requests. Assist with incident response and investigation activities.</li> <li>Fulfill regular on-call responsibilitie