SandboxAQ
Staff Security Engineer, Data Protection
Job Summary
This role involves taking ownership of data protection and security within SandboxAQ's cloud environments, ensuring the confidentiality, integrity, and availability of data such as CUI. The engineer will develop automation for vulnerability detection and data loss prevention, and collaborate with cross-functional teams to improve security architectures and privacy compliance. Experience with cloud platforms like AWS and GCP, as well as familiarity with security standards like CMMC and NIST, is essential. The position offers opportunities to work on scalable infrastructure, support security automation, and contribute to a growing, remote-first company committed to innovation and inclusion.
Required Skills
Benefits
Job Description
About SandboxAQ
SandboxAQ is a high-growth company delivering AI solutions that address some of the world's greatest challenges. The company’s Large Quantitative Models (LQMs) power advances in life sciences, financial services, navigation, cybersecurity, and other sectors.
We are a global team that is tech-focused and includes experts in AI, chemistry, cybersecurity, physics, mathematics, medicine, engineering, and other specialties. The company emerged from Alphabet Inc. as an independent, growth capital-backed company in 2022, funded by leading investors and supported by a braintrust of industry leaders.
At SandboxAQ, we’ve cultivated an environment that encourages creativity, collaboration, and impact. By investing deeply in our people, we’re building a thriving, global workforce poised to tackle the world's epic challenges. Join us to advance your career in pursuit of an inspiring mission, in a community of like-minded people who value entrepreneurialism, ownership, and transformative impact.
About the Role
SandboxAQ is a growing, fully remote technology company, which is striving to follow best security practices. We are looking for an engineer to take ownership of our data protection capabilities and help strengthen our security posture. As part of the Information Security team, this engineer will play a critical role in keeping our data safe as well as maintaining high levels of security assurance for our customers.
What You’ll Do
- Work cross-functionally to ensure security and privacy of SandboxAQ and customer data
- Develop strategies and automation around data classification and monitoring
- Work within AWS and GCP environments making sure our systems are configured correctly and architected following best security practices
- Assist product teams in design of multi-tenant SaaS products
- Act as the steward of CUI data within our organization
- Automate vulnerability detection, data loss prevention (DLP), and privacy incident response across cloud platforms
- Collaborate with the development, DevOps, and InfoSec team to integrate privacy solutions into CI/CD pipelines
- Document privacy architectures, data flows, and technical implementations
Who You Are
- U.S. citizenship is required due to USG contract requirements
- Experienced in managing confidentiality, integrity and availability of data within cloud environments, both manually and through automation
- Have an understanding of industry best practices and tooling, including their limitations
- Proficient in risk-based decision making as it applies to data classification
- Have worked with CUI data and are familiar with CMMC 2.0 / NIST 800-171 controls
- Able to develop sensible data retention policies
- Strong communication skills and ability to work across different groups to build consensus on scalable data design patterns
Nice To Have
- Have actively participated in standing up SOC2 compliance
- Practical experience with GDPR / CPPA / similar conformance
- Experience with GCP DLP and Amazon Macie
- Experience with Infra-as-code, such as Terraform or similar
- Reliability engineering mentality: ability to design scalable, maintainable, and testable infrastructure
The US base salary range for this full-time position is expected to be $154k - $216k per year. Our salary ranges are determined by role and level. Within the range, individual pay is determined by factors including job-related skills, experience, and relevant education or training. This role may be eligible for annual discretionary bonuses and equity.
SandboxAQ welcomes all.
SandboxAQ
SandboxAQ leverages the compound effects of AI and advanced computing to address some of the biggest challenges impacting society. SandboxAQ technologies include AI simulation, cryptography management for cybersecurity, and AI sensing for global organizations.
See more jobsSafe Remote Job Search Tips
Verify Employer Thoroughly
Research the company's identity thoroughly before applying. Check for a professional website with contacts, active social media, and LinkedIn profiles. Verify details across platforms and look for reviews on Glassdoor or Trustpilot to confirm legitimacy.
Never Pay to Get a Job
Legitimate employers never require payment for applications, training, background checks, or equipment. Always reject upfront payment requests or demands for bank details, even if they claim it's for purchasing necessary work gear on your behalf.
Safeguard Your Personal Information
Protect sensitive data like SSN, bank details, or ID copies. Share this only after accepting a formal, written job offer. Ensure it's submitted via a secure company system or portal, never through insecure channels like standard email attachments.
Scrutinize Communication & Interviews
Watch for communication red flags: poor grammar, generic emails (@gmail), vague details, or undue pressure. Be highly suspicious of interviews held only via text or chat apps; legitimate companies typically use video or phone calls.
Beware of Unrealistic Offers
If an offer's salary or benefits seem unrealistically high for the work involved, be cautious. Research standard pay for similar roles. Offers that appear 'too good to be true' are often scams designed to lure you into providing information or payment.
Insist on a Formal Contract
Always secure and review a formal, written job offer or employment contract before starting work or sharing final personal details. Ensure it clearly defines your role, compensation, key terms, and conditions to avoid misunderstandings or scams.