Menlo Security

Providing technical support, troubleshooting complex enterprise IT issues, and managing escalations. | Experience in enterprise IT support, storage, networking, and virtualization with strong problem-solving and communication skills. | Menlo Security's mission is enabling the world to connect, communicate and collaborate securely without compromise. COVID-19 has made our mission all the more real. We support customers across various enterprises including Fortune 500 companies, 9/10 of the largest global banks and the Department of Defense. The world has fundamentally changed. We are growing from 400 employees into the next phase of our journey, and we need passionate talent filled with empathy and agility. The right candidate for the job is ethical, hyper-organized, fanatical about seeing things through to completion, service-oriented, and humble enough to take feedback and coaching yet confident enough to provide feedback and coaching. Menlo is well-funded for growth and our investors are second to none. They include Vista Equity Partners (“Vista”), General Catalyst, JPMC, American Express, HSBC, and Ericsson Ventures. We are seeking a Senior AI Security Engineer to focus on the emerging security challenges of autonomous AI agents. In this role, you will research, design, and implement novel techniques to detect and mitigate prompt poisoning, context manipulation, malicious agent behaviors, and other adversarial threats targeting agentic AI systems. You will work closely with engineering teams to translate cutting-edge security research into practical, deployable security controls that protect agents operating in real-world environments, particularly when interacting with untrusted web content. Core Responsibilities Research Emerging Agentic Threats: Investigate new attack vectors against AI agents, including prompt injection, context poisoning, adversarial content embedding, and misuse of agent planning and reasoning mechanisms. Architect Scalable Agentic Workflows: Design and implement robust, high-performance pipelines that secure agent-to-web interactions. Develop Novel Detection & Mitigation Techniques: Design and prototype new approaches for identifying malicious prompts, unsafe contextual signals, and adversarial behaviors in LLM-powered agents. Agent Security Controls: Implement these techniques as security controls within agentic runtimes, ensuring agents can safely reason over and act on external data sources. Collaborative Engineering: Partner closely with applied engineers to integrate research-driven security mechanisms into production systems, balancing security effectiveness with agent performance. Proactive Threat Modeling: Continuously evaluate the evolving AI threat landscape and anticipate future risks as agent capabilities and autonomy increase. Adversarial Resilience: Build defensive mechanisms within the browser surrogate to detect and neutralize complex context poisoning and injection attempts embedded in web content. Qualifications BSc in Computer Science or significant experience in high-scale cloud engineering; a relevant MSc or PhD is a strong advantage. 3+ years of experience in applied AI, with a proven track record of deploying high scale AI systems in production environments. Agentic experience in production environments is an important advantage. Expert-level Python; deep experience with k8s and cloud-native orchestration; proficiency with advanced data modeling and version control. Significant experience in cybersecurity or browser-related technologies is highly preferred. Deep understanding of prompt engineering techniques and how they can be exploited in agentic systems. Ability to explore ambiguous problem spaces, experiment with new ideas, and iterate toward effective security solutions. Nice to Have Hands-on experience with orchestration frameworks (e.g., LangChain, AutoGen) and / or standardized communication protocols like MCP. Experience building immutable event streams and high-speed data pipelines for real-time traffic analysis. Understanding of how web pages are rendered and how to programmatically manipulate the DOM or Accessibility Tree to enhance security. A "security-first" mindset with a bias toward building auditable, traceable, and fault-tolerant systems. MSGL-I4 Why Menlo? Our culture is collaborative, inclusive, and fun! We have five core values: Stay Aligned, Get It Done, Customer Empathy, Think Creatively and Help Each Other Out. We believe in open communication, supporting new ideas, and sharing a mutual mindset of what we’re aiming to achieve together. There are tremendous opportunities to take initiative, implement new ideas, and have a hand in building a legacy. All qualified applicants will receive consideration for employment without regard to race, sex, color, religion, sexual orientation, gender identity, national origin, protected veteran status, or on the basis of disability. TO ALL AGENCIES: Please, no phone calls or emails to any employee of Menlo Security outside of the Talent organization. Menlo Security’s policy is to only accept resumes from agencies via Ashby (ATS). Agencies must have a valid services agreement executed and must have been assigned by the Talent team to a specific requisition. Any resume submitted outside of this process will be deemed the sole property of Menlo Security. In the event a candidate submitted outside of this policy is hired, no fee or payment will be paid.

Define and drive the product vision, roadmap, and delivery for security infrastructure solutions, collaborating with engineering, marketing, and global teams. | 5+ years of product management experience, knowledge of cloud, networking, and security technologies, and strong communication skills. | Menlo Security's mission is enabling the world to connect, communicate and collaborate securely without compromise. COVID-19 has made our mission all the more real. We support customers across various enterprises including Fortune 500 companies, 9/10 of the largest global banks and the Department of Defense. The world has fundamentally changed. We are growing from 400 employees into the next phase of our journey, and we need passionate talent filled with empathy and agility. The right candidate for the job is ethical, hyper-organized, fanatical about seeing things through to completion, service-oriented, and humble enough to take feedback and coaching yet confident enough to provide feedback and coaching. Menlo is well-funded for growth and our investors are second to none. They include Vista Equity Partners (“Vista”), General Catalyst, JPMC, American Express, HSBC, and Ericsson Ventures. About the Role This is your chance to define the future of security for Menlo and move the stock price of our company. We need a Principal Product Manager to join our team. In this role you will define, prioritize, and drive the requirements required to productize and extend security capabilities to our customers. The requirements will be both externally and internally driven and will demand close collaboration with our engineering and infrastructure/networking and platform teams. Additionally, you will be a partner with marketing and be outwardly facing and will engage with the media, analysts, customers, and more. Responsibilities Own the product vision for the global infrastructure delivering security to Menlo customers Define the roadmap and work with internal teams to communicate, manage, and deliver it Engage with the global teams to understand local market requirements and drive the solution delivery to meet the customer needs Drive productization of logging, reporting, and other data related infrastructure tools needed for customer and internal teams Provide forecasting and scalability requirements to the internal stakeholders Manage the cost reduction initiatives to drive gross margin improvements for the company Requirements Keen judgment and an approach to product management decisions through the lens of a General Manager 5+ years of product management experience in a startup environment is ideal, but not required Experience with defining and shipping SaaS services in an Agile environment. Deep familiarity of contemporary software development methodologies, tools, and best practices associated with building and deploying solutions Knowledge of public cloud computing, data center, virtualization, networking, storage, databases technologies, and working with cloud primitives is highly desired Communication skills that inspire, educate, persuade, and sell, both internal and external audiences The ability to empathize and channel the various stakeholders PM represents (some days it will be customers, other days engineering, sales, finance, marketing, ops, and support) Enterprise software development experience in an Agile environment Technical knowledge of the following: networking, cloud deployments and administration, web security, SSO, SIEM, proxy chaining, CASB, and firewalls BS/BA or relevant experience preferred Our Compensation and Benefits At Menlo Security, Base Salary is one part of our competitive total compensation and benefits package and is determined using a salary range. The base salary range for this role is $127,000 - $223,000. In accordance with NY, CO, CA, and WA law, the range provided is Menlo Security’s reasonable estimate of the base compensation for this role. The actual amount may be higher or lower, based on non-discriminatory factors such as experience, knowledge, skills, abilities, and location. All employees may be eligible to become Menlo Security shareholders through eligibility for stock-based compensation grants, which are awarded to employees based on company and individual performance. Menlo Security does not accept unsolicited resumes from search firm recruiters. Fees will not be paid in the event a candidate submitted by a recruiter without an agreement in place is hired; such resumes will be deemed the sole property of Menlo Security. Menlo Security is an equal opportunity employer. All aspects of employment will be based on merit, competence, performance, and business needs. We do not discriminate on the basis of race, color, religion, marital status, age, national origin, ancestry, physical or mental disability, medical condition, pregnancy, genetic information, gender, sexual orientation, gender identity or expression, veteran status, or any other status protected under federal, state, or local law. MSGL-I4 Why Menlo? Our culture is collaborative, inclusive, and fun! We have five core values: Stay Aligned, Get It Done, Customer Empathy, Think Creatively and Help Each Other Out. We believe in open communication, supporting new ideas, and sharing a mutual mindset of what we’re aiming to achieve together. There are tremendous opportunities to take initiative, implement new ideas, and have a hand in building a legacy. All qualified applicants will receive consideration for employment without regard to race, sex, color, religion, sexual orientation, gender identity, national origin, protected veteran status, or on the basis of disability. TO ALL AGENCIES: Please, no phone calls or emails to any employee of Menlo Security outside of the Talent organization. Menlo Security’s policy is to only accept resumes from agencies via Ashby (ATS). Agencies must have a valid services agreement executed and must have been assigned by the Talent team to a specific requisition. Any resume submitted outside of this process will be deemed the sole property of Menlo Security. In the event a candidate submitted outside of this policy is hired, no fee or payment will be paid.

Ensure organizational adherence to FedRAMP and federal security standards through compliance management, documentation, and coordination with internal teams and external assessors. | Requires 2-3 years of experience in cybersecurity compliance, knowledge of FedRAMP and NIST standards, and relevant security certifications, which are not part of your skill set. | Menlo Security's mission is enabling the world to connect, communicate and collaborate securely without compromise. COVID-19 has made our mission all the more real. We support customers across various enterprises including Fortune 500 companies, 9/10 of the largest global banks and the Department of Defense. The world has fundamentally changed. We are growing from 400 employees into the next phase of our journey, and we need passionate talent filled with empathy and agility. The right candidate for the job is ethical, hyper-organized, fanatical about seeing things through to completion, service-oriented, and humble enough to take feedback and coaching yet confident enough to provide feedback and coaching. Menlo is well-funded for growth and our investors are second to none. They include Vista Equity Partners (“Vista”), General Catalyst, JPMC, American Express, HSBC, and Ericsson Ventures. Description We are seeking a detail-oriented FedRAMP Compliance Manager to support our organization's adherence to the Federal Risk and Authorization Management Program (FedRAMP) requirements. This role is critical to ensuring our cloud services maintain compliance with federal security standards and support continuous monitoring, authorization processes, and audits. The ideal candidate will have experience with NIST SP 800-53, FedRAMP documentation, and working with cloud service providers in a regulatory context. Responsibilities Develop and govern a comprehensive compliance roadmap to maintain CMMC certification, mitigating risks across all internal and external systems. Drive strategic initiatives for high-priority federal projects, ensuring all systems and processes meet the rigorous requirements for DoD Impact Level 6 (IL6) authorization Serve as the Subject Matter Expert (SME) for FedRAMP High standards. Act as a key liaison to the Federal Sales Team, serving as a subject matter expert (SME) to ensure all business development activities align with federal regulatory standards and security compliance frameworks. Support the FedRAMP Moderate authorization and reauthorization processes, including development, review, and maintenance of system security documentation (SSP, POA&M, SAP, SAR, etc.). Map and analyze security controls against FedRAMP Moderate/High baselines and NIST SP 800-53 controls. Assist in implementing and monitoring security controls for FedRAMP-authorized systems. Coordinate with internal teams (engineering, operations, DevSecOps) to ensure security requirements are integrated into system design and operation. Maintain continuous monitoring documentation and support periodic assessments (e.g., annual assessments, penetration tests, vulnerability scans). Interface with Third Party Assessment Organizations (3PAOs), government customers, and internal stakeholders to support audits and assessments. Track and manage Plan of Action and Milestones (POA&M) items to closure. Manage the Administration, Training and Development of the FedRAMP platform and all associated monthly, quarterly, annual requirements as per the FedRAMP authorization process. Provide compliance reporting, metrics, and risk analysis to management. Stay up to date with changes in FedRAMP requirements, NIST guidance, and related compliance frameworks (e.g., FISMA, CMMC). Required Qualifications U.S. Citizenship (required for working in GovCloud environments) Bachelor's degree in Cybersecurity, Information Technology, Computer Science, or a related field (or equivalent experience). 2–3 years of experience in information security compliance or risk management, preferably in a FedRAMP or FISMA-regulated environment. Strong knowledge of NIST SP 800-53, FedRAMP Moderate/High baselines, and the FedRAMP authorization process. Experience with security documentation (SSP, POA&M, SAR, SAP, etc.) and governance tools. Familiarity with vulnerability scanning tools (e.g., Nessus, Qualys) and interpreting security findings. Eligibility to obtain security clearance is required. Preferred Qualifications: Experience working with or in a 3PAO or federal agency. FedRAMP or NIST security control implementation experience in AWS, Azure, or Google Cloud environments. Security certifications such as: Certified Information Systems Security Professional (CISSP) Certified Information Security Auditor (CISA) Certified Authorization Professional (CAP) CompTIA Security+ or equivalent Soft Skills Strong analytical and problem-solving skills. Ability to work independently and manage multiple priorities in a fast-paced environment. Effective written and verbal communication abilities. Ability to collaborate across teams and explain technical issues to non-technical stakeholders. Self-motivated with the ability to manage multiple priorities. Our Compensation and Benefits At Menlo Security, Base Salary is one part of our competitive total compensation and benefits package and is determined using a salary range. The base salary range for this role is $165,000 - $275,000. In accordance with NY, CO, CA, and WA law, the range provided is Menlo Security’s reasonable estimate of the base compensation for this role. The actual amount may be higher or lower, based on non-discriminatory factors such as experience, knowledge, skills, abilities, and location. All employees may be eligible to become Menlo Security shareholders through eligibility for stock-based compensation grants, which are awarded to employees based on company and individual performance. Menlo Security does not accept unsolicited resumes from search firm recruiters. Fees will not be paid in the event a candidate submitted by a recruiter without an agreement in place is hired; such resumes will be deemed the sole property of Menlo Security. Menlo Security is an equal opportunity employer. All aspects of employment will be based on merit, competence, performance, and business needs. We do not discriminate on the basis of race, color, religion, marital status, age, national origin, ancestry, physical or mental disability, medical condition, pregnancy, genetic information, gender, sexual orientation, gender identity or expression, veteran status, or any other status protected under federal, state, or local law. MSGL-I4 Why Menlo? Our culture is collaborative, inclusive, and fun! We have five core values: Stay Aligned, Get It Done, Customer Empathy, Think Creatively and Help Each Other Out. We believe in open communication, supporting new ideas, and sharing a mutual mindset of what we’re aiming to achieve together. There are tremendous opportunities to take initiative, implement new ideas, and have a hand in building a legacy. All qualified applicants will receive consideration for employment without regard to race, sex, color, religion, sexual orientation, gender identity, national origin, protected veteran status, or on the basis of disability. TO ALL AGENCIES: Please, no phone calls or emails to any employee of Menlo Security outside of the Talent organization. Menlo Security’s policy is to only accept resumes from agencies via Ashby (ATS). Agencies must have a valid services agreement executed and must have been assigned by the Talent team to a specific requisition. Any resume submitted outside of this process will be deemed the sole property of Menlo Security. In the event a candidate submitted outside of this policy is hired, no fee or payment will be paid.