- Company Name: Paragon
- Job Title: Senior Security Engineer
- Job Description:
**Job Title:** Senior Security Engineer
**Role Summary:**
Lead and own the end-to-end security program for a cloud-native integration platform. Partner with engineering, product, and sales teams to design secure architectures, embed a secure SDLC, harden cloud infrastructure, manage vulnerabilities, ensure compliance (SOC 2, HIPAA, etc.), and drive incident readiness while building security confidence with enterprise customers.
**Expectations:**
- Establish a comprehensive security strategy from scratch.
- Influence product and engineering decisions without heavy process overhead.
- Deeply engage in technical security implementations and threat modeling.
- Deliver measurable improvements in security posture within 6–12 months.
**Key Responsibilities:**
1. **Security Posture & Governance** – Define policies (access control, change management, incident response), run access and vendor reviews, and lead SOC 2 mapping and evidence collection.
2. **Secure SDLC** – Introduce threat modeling, design reviews, secure coding guidelines; integrate SAST/DAST, dependency and container scanning into CI/CD; triage and remediate vulnerabilities with engineering.
3. **Cloud & Infrastructure Security** – Harden AWS/GCP/Azure environments (IAM, VPC, KMS, secrets, logging, monitoring); enforce secure-by-default baselines via IaC (Terraform).
4. **Incident Readiness & Response** – Maintain playbooks, run tabletop exercises, lead investigations, and translate lessons into process improvements.
5. **Security Culture & Customer Trust** – Deliver training, serve as security liaison for RFPs and customer questionnaires, and support sales and CS in articulating security posture.
**Required Skills:**
- 5+ years in security engineering (AppSec, Infra/Cloud Sec, Product Security).
- Proven experience securing production SaaS products in the cloud.
- Deep knowledge of AWS, GCP, or Azure security primitives (IAM, VPC, KMS, CloudTrail, CloudWatch).
- Hands‑on IaC (Terraform, CloudFormation) and CI/CD tooling.
- Familiarity with SAST/DAST, dependency scanning, container scanning.
- Strong threat modeling, secure design, and secure coding practices.
- Incident response planning and execution.
- SOC 2 and other compliance program experience (HIPAA, customer‑specific).
- Excellent communication and stakeholder management.
**Required Education & Certifications:**
- Bachelor’s degree in Computer Science, Information Security, or related field (or equivalent professional experience).
- Relevant certifications: CISSP, CISM, CEH, or Cloud‑specific security (AWS Certified Security Specialty, GCP Professional Cloud Security Engineer, Azure Security Engineer Associate) preferred.
Los Angeles, United States
Hybrid
Senior
23-01-2026