Doxel logo

Senior Platform Engineer, Security

Posted 9 days ago

OfficeSan Francisco Bay Area, CASE175k - 220k USD
Construction is the 2nd largest industry in the world (4x the size of SaaS!). But unlike software (with observability platforms such as AppDynamics and Datadog), construction teams lack automated feedback loops to help projects stay on schedule and on budget.  Without this observability, construction wastes a whopping $3T per year because glitches aren’t detected fast enough to recover.

Doxel AI exists to bring computer vision to construction, so the industry can deliver what society needs to thrive. From hospitals to data centers, from foreman to VPs of construction, teams use Doxel to make better decisions everyday. In fact, Doxel has contributed to the construction of the facilities that provide many of the products and services you use everyday.

We have classic computer vision, deep learning ML object detection, a low-latency 3D three.js web app, a complex data pipeline powering it all in the background. We’re building out new workflows, analytics dashboards, and forecasting engines. 

We’re at an exciting stage of scale as we build upon our growing market momentum. Our software is trusted by Shell Oil, Genentech, HCA healthcare, Kaiser, Turner, Layton and several others. Join us in bringing AI to construction!


The Role

As a Senior Platform Engineer, with an emphasis on Security, your main mission is to build out Doxel's internal platform and define the golden paths that engineers rely on, replacing today's hand-rolled infra. Own cloud security posture on GCP, bake security into CI/CD and the supply chain, and help shape how Doxel uses AI safely. 
### What You'll Do
  • Work with DevOps team to build out golden paths that streamline developer and builder workflows streamlining and applying shift left security policies on CI/CD deployment, internal tooling, LLM, and data science workflows
  • Own cloud security posture on Google Cloud, landing-zone guardrails, least-privilege IAM, secrets and key management, codified as infrastructure-as-code so secure defaults are baked into golden paths rather than bolted on after
  • Continuously evaluate attack surfaces across the application, infrastructure, and cloud, prioritize findings by exploitability and blast radius, and feed the highest-leverage fixes back into the platform
  • Set and enforce AI-usage best practices, guardrails for agentic coding tools internally and Provide a security point of view on product AI/LLM features (prompt injection, data egress, model supply chain), in partnership with engineering leadership
  • Action on improving security and compliance through a risk based approach implementing SOC2, ISO27001, and ISO27701 security and compliance frameworks. 
    Drive adoption and raise the security bar across engineering through better defaults, not mandates.
  • ### What You Bring
  • 6+ years in platform engineering, infrastructure/DevOps, or site reliability, with real depth building infrastructure, not just operating it
  • Strong infrastructure-as-code skills (Terraform) and a track record of replacing ad hoc infra with reusable, self-service patterns
  • Hands-on cloud depth, ideally Google Cloud (AWS or Azure translates), including IAM, networking, and least-privilege design
  • Strong experience with Kubernetes and containerized workloads in production.
    Practical experience embedding security tooling into CI/CD (SAST, SCA, secret scanning, supply chain controls) and building secure-by-default pipelines
  • Strong programming or scripting ability (Python, Go, or similar) for building platform and automation tooling
  • A security mindset: you design for least privilege and think about how things get abused, even when security is not the headline of the task
  • Demonstrated ability to drive platform adoption and influence engineering teams without formal management authority.
  • ### Preferred
  • Experience standing up an internal developer platform or paved-road program from scratch
  • Working knowledge of AI/LLM security risks and a point of view on using AI tools safely
  • SOC 2, ISO 27001, or similar compliance experience in a fast-moving company.
  • Experience securing data warehouses or large data pipelines (Snowflake a plus)
  • Familiarity with construction tech, BIM/3D data, or other domain-rich data products
  • Doxel provides comprehensive health/dental/vision benefits for employees and their families including an Unlimited PTO policy, a 401(k) program, and a flexible work environment among other benefits. Doxel is an equal opportunity employer and actively seeks diversity at our company. We do not discriminate on the basis of race, religion, color, national origin, gender, sexual orientation, age, marital status, veteran status, or disability status.
    Job details
    Workplace
    Office
    Location
    San Francisco Bay Area, CA
    Experience
    SE
    Salary
    175k - 220k USD
    per year

    Automated construction progress tracking brings actionable insights to executives and makes the job easier for the field.

    Key team members

    Kevin D.

    Kevin D.

    Tamara Head

    Tamara Head

    Jesse Gill

    Jesse Gill

    Michael Toth-Fejel

    Michael Toth-Fejel

    Apply smarter with Jobr

    Jobr aggregates jobs directly from company career portals — no middlemen. Our team applies on your behalf with AI-tailored resumes, reviewed by a human before submission.

    Direct from company career pages
    AI-personalised cover letters
    Human review before every submit
    Application tracking & follow-ups