What you'd actually do

Implement security controls across our agent platform, covering application security, infrastructure security

Build security tooling and automation, including automated remediation pipelines, detection systems, and testing frameworks integrated into CI/CD workflows

Partner with engineering teams to design and review authentication systems, secrets management, and access controls

Create detection pipelines that scale with millions of daily AI agent interactions

Contribute to security incidents affecting operations, supporting rapid resolution while maintaining service availability

Skills

Required

3+ years of experience in security engineering
strong software engineering fundamentals
production-quality code
cloud security fundamentals
enterprise security requirements

Nice to have

building developer tools
security automation
remediation pipelines
static analysis tools (Semgrep, CodeQL)
vulnerability management platforms
securing AI/ML applications
prompt injection
adversarial inputs
infrastructure as code (Terraform)
modern cloud development practices
working across the entire stack

About Decagon

Decagon is the leading conversational AI platform empowering every brand to deliver concierge customer experiences.

Our technology enables industry-defining enterprises like Avis Budget Group, Block’s Cash App and Square, Chime, Oura Health, and Hunter Douglas to deploy AI agents that power personalized, deeply satisfying interactions across voice, chat, email, SMS, and every other channel.

We’re building a future where customer experiences are being redefined from support tickets and hold music to faster resolutions, richer conversations, and deeper relationships. We’re proud to be backed by world-class investors who share that vision, including a16z, Accel, Bain Capital Ventures, Coatue, and Index Ventures, along with many others.

We’re an in-office company, driven by a shared commitment to excellence and velocity. Our values — Just Get It Done, Invent What Customers Want, Winner’s Mindset, and The Polymath Principle — shape how we work and grow as a team.

About the Team

The Security Engineering team at Decagon protects the platform that powers the most advanced conversational AI agents for enterprise customers across voice, chat, email and SMS. We build the security foundations that enable Decagon's AI agents to handle sensitive customer data with complete trust while defending against sophisticated, AI-enabled threats at massive scale.

Our mission is to secure our growing platform, ensuring that AI agents and human agents can collaborate safely to help users resolve their issues while maintaining the highest standards of security and privacy.

About the Role

Help build and scale the security foundations of Decagon AI's customer experience platform that powers AI agents for enterprise customers. You'll work with the head of Security to implement security controls, build security tooling, and strengthen our defenses against modern, AI-enabled threats while maintaining an enterprise-ready security and compliance posture. This role combines hands-on security engineering with software development. You'll build automated remediation tools, work on detection pipelines, and partner with engineering teams to improve security across our platform. Decagon's team is some of the best in the industry, so you'll work alongside a skilled and enthusiastic team.

In this role, you will

Implement security controls across our agent platform, covering application security, infrastructure security
Build security tooling and automation, including automated remediation pipelines, detection systems, and testing frameworks integrated into CI/CD workflows
Partner with engineering teams to design and review authentication systems, secrets management, and access controls
Create detection pipelines that scale with millions of daily AI agent interactions
Contribute to security incidents affecting operations, supporting rapid resolution while maintaining service availability

Your background looks something like this

Have 3+ years of experience in security engineering, with strong software engineering fundamentals
Familiarity with application security concepts including authentication, authorization, vulnerability assessment, and secure development practices
Ability to write production-quality code; you can build the tools and automation the team needs, not just identify problems
Experience with cloud security fundamentals, ideally Google Cloud
Exposure to enterprise security requirements such as SOC 2, ISO 27001, or GDPR
Natural curiosity about new technologies and approaches to security problems
Excited to work with bright colleagues out of our downtown San Francisco office

Even better

Experience building developer tools, security automation, or remediation pipelines
Background with static analysis tools (Semgrep, CodeQL) or vulnerability management platforms
Familiarity with securing AI/ML applications, including awareness of risks like prompt injection and adversarial inputs
Experience with infrastructure as code (Terraform) and modern cloud development practices
Comfortable working across the entire stack to solve problems

Compensation

$200K – $330K + Offers Equity

Benefits

We proudly offer the following benefits for our full-time employees:

Take what you need vacation policy (subject to local requirements; UK employees receive 25 days of statutory leave)
Medical, Dental, and Vision benefits for you and your family
Life Insurance and Disability Benefits
Retirement Plan (e.g., 401K, pension)
Parental Leave
Fertility and family building benefits through Carrot
Daily lunches and snacks in the office to keep you at your best

These benefits are described in more detail in Decagon’s policies, may vary by location, and can change at any time according to applicable compensation and benefits plans.