Senior Security Engineer

About Moloco

Moloco builds some of the most powerful AI advertising solutions in the world. Our name—short for "machine learning company"—reflects our core mission: democratizing access to the advanced AI that has historically been reserved for tech giants. Led by machine learning pioneers who built some of the most successful ad systems at Google, including You Tube's monetization engine and key search advertising technologies, we're transforming how businesses grow and compete in the digital economy.

Built with AI from day one, Moloco’s planet‑scale machine learning platform powers a suite of solutions for advertising growth and monetization. Moloco Ads is an AI-powered platform that delivers real business outcomes for mobile app marketers through performance‑based user acquisition. Moloco Commerce Media and Streaming Monetization solutions enable retailers, marketplaces, and streaming platforms to build revenue‑generating ad businesses that balance user experience and advertiser performance.

Moloco is headquartered in Silicon Valley, with offices in Seattle, New York, San Francisco, Seoul, Beijing, Singapore, Bangalore, Gurgaon, Tokyo, Shanghai, London, Tel Aviv, and Berlin.

Moloco is a truly rewarding place to work and in an exciting period of growth, which you could be a part of. Join us today and apply now!

Impact You’ll Be Contributing to Moloco

We are seeking a Senior Security Engineer to strengthen the security posture of our cloud infrastructure and applications. This role is critical to proactively identifying and reducing risk, automating security controls, and ensuring Moloco’s platforms remain secure, resilient, and compliant as the business scales.

The Opportunity

As a Senior Security Engineer, you will partner closely with Dev Ops, platform, and application teams to embed security into day‑to‑day engineering workflows. You will help shift security left, reduce operational risk, and enable teams to move fast without compromising security.

• Integrated Security:
Embeds automated security testing (SAST/DAST) into CI/CD pipelines to identify vulnerabilities early.

• Secure

Infrastructure: Implements safeguards across infrastructure‑as‑code, containers, and cloud environments to minimize risk from misconfigurations or unintended use.

• Threat Management:
Automates vulnerability scans and real‑time threat responses to reduce risks. Participate in security triage and vulnerability management process.

• Compliance:
Ensures adherence to standards like SOC 2 or GDPR within Dev Ops processes.

• Efficiency:
Automates manual security tasks, accelerates development, and reduces delays caused by late‑stage fixes.

• Resilience:
Builds robust defenses against evolving threats with incident response playbooks and threat intelligence.

How Do I Know if the Role is Right For Me?

Minimum Requirements:

• 5+ years of experience as a Security Engineer or in a similar role with a strong foundation in CI/CD, automation, and cloud infrastructure

• Strong understanding of cloud security principles (AWS, GCP, or Azure)

• Experience securing CI/CD pipelines (e.g., Git Hub Actions, Git Lab CI, Jenkins, Harness)

• Familiarity with infrastructure‑as‑code and related security tools

• Proficiency in scripting languages (Python, Bash, etc)

• Hands‑on experience with container security (e.g., Docker image scanning, Kubernetes best practices)

• Knowledge of IAM, secrets management, and secure key handling

• Experience with vulnerability scanning, remediation workflows, and risk prioritization.

• Ability to identify and mitigate misconfigurations in cloud and IaC environments

• Comfortable collaborating with Dev Ops, platform, and application teams

Preferred Qualifications:

• Familiarity with compliance frameworks (SOC 2, ISO 27001, NIST, etc.)

• Experience with security monitoring and incident response processes

• Exposure to SIEM or EDR tools (e.g., Splunk, Crowd Strike, Google Sec Ops)

• Experience with SAST/DAST and dependency scanning tools

• Familiarity with zero‑trust networking concepts

• Knowledge of threat modeling and risk assessment practices

Our Compensation And Benefits (for United States Residents Only)

In accordance with various…