Role Overview
Heygen is hiring a Security Engineer. This is a full-time role in San Francisco, Palo Alto, Toronto. Part of Heygen's Embedded hiring, posted last week. Full responsibilities, required qualifications, and the apply link are listed in the description below.
Salary Context
Salary is not disclosed in this posting. Market median for Embedded roles is $130k-$180k (based on 20 comparable listings). Many employers share specifics during the interview process or after an initial screen.
Resume Keywords to Include
Make sure these keywords appear in your resume to improve ATS scoring
Job description
About HeyGen
At HeyGen, our mission is to make visual storytelling accessible to all. Over the last decade, visual content has become the preferred method of information creation, consumption, and retention. But the ability to create such content, in particular videos, continues to be costly and challenging to scale. Our ambition is to build technology that equips more people with the power to reach, captivate, and inspire audiences.
Learn more at www.heygen.com. Visit our Mission and Culture doc here.
Position Summary
As a Security Engineer at HeyGen, you will own the security posture of one of the fastest-growing AI companies in the world. You will partner directly with engineering teams to ship secure features, harden our cloud infrastructure, and build the compliance and trust programs that unlock enterprise deals. This is a high-impact, high-autonomy role for an engineer who thinks in threat models and ships code.
Key Responsibilities
- Product & Infrastructure Security: Partner with engineering teams as an embedded security expert — writing code, reviewing architectures, and building secure application features and infrastructure components from the ground up.
- Fraud Detection & Remediation: Design and implement automated fraud detection systems to mitigate platform abuse, credential stuffing, and payment fraud. Partner with product and engineering to build real-time monitoring and rapid-response remediation workflows.
- Cloud & Vulnerability Management: Own the strategy and execution for hardening our AWS/Python infrastructure. Build and run a robust vulnerability management program, including network security, cloud configuration, and remediation workflows.
- AI Security: Serve as HeyGen's point person for AI and agentic system security. As we scale our agentic coding and AI agent products, you will ensure these rollouts are designed and deployed with strong security controls.
- GRC & Compliance: Oversee our SOC 2 compliance operations (currently managed via Drata) and annual audit cycles. Evaluate and roadmap future certifications, including ISO 27001, as the business scales.
- Trust & Safety Oversight: Provide high-level oversight for platform abuse and content moderation (in partnership with growth and avatar teams), and serve as the escalation point for IT security incidents.
Qualifications
- Strong software engineering background with hands-on Python and AWS experience; you write code, not just policies.
- Demonstrated experience securing cloud infrastructure and applications — vulnerability management, network security, IAM, and secrets management.
- Familiarity with GRC frameworks and compliance programs (SOC 2, ISO 27001, or equivalent).
- Excellent communication skills: able to translate threat models for engineers, compliance requirements for auditors, and security architecture for enterprise CISOs.
- Comfortable with ambiguity and rapid scale; you prioritize ruthlessly and know when to build vs. buy.
- Experience with modern security tooling is a plus (Drata, Infisical, Bugcrowd, or equivalents).
Why HeyGen:
- Massive Scale, Unique Problems: We are protecting user identity at one of the fastest growth rates in SaaS history. The security engineering challenges here are genuinely novel.
- Speed with Guardrails: Our security philosophy is not about saying "no." It is about building guardrails that let the engineering team ship fast without introducing unacceptable risk.
- Mature Tooling from Day One: We already run Drata for GRC, Infisical for secrets management, and a private bug bounty program via Bugcrowd. You are not starting from zero.
- Autonomy and Ownership: You will have the visibility and resources to shape HeyGen's entire security roadmap. Small team, big mandate.
About Heygen
Frequently Asked Questions
How do I apply for the Security Engineer position at Heygen?
Use the Apply button above to submit your application directly to Heygen. Most applications take less than 5 minutes if your resume and contact details are ready, and you'll be routed to the employer's official application system to finish.
Where is the Security Engineer position at Heygen located?
This position is based in San Francisco, Palo Alto, Toronto. Heygen has not indicated remote or hybrid options for this role, so candidates should plan for on-site work.
What does a Security Engineer at Heygen earn?
Heygen has not disclosed a salary range in this posting. Many employers share specifics later in the interview process; you can also ask during a recruiter screen if compensation transparency is important to you.
When was the Security Engineer role at Heygen posted?
This role was posted on June 30, 2026 (9 days ago). It's still listed as actively hiring; we re-confirm openings against the source system multiple times per day and remove closed roles.
Similar Jobs
Embedded Software Engineer
Hellbenderinc
Principal Embedded Software Engineer
10beauty
Senior Systems Test Engineer
10beauty
Staff Embedded Software Engineer
Lightmatter
Staff Embedded Software Engineer
Lightmatter
More Jobs at Heygen
View all →Growth Marketing Specialist
Heygen
Developer Community Manager
Heygen
Commercial Account Executive, New Business
Heygen
Strategic Revenue Partnerships Lead
Heygen
Social Content Creator (Contract)
Heygen
AI-powered job search
Get every job scored to your resume
Upload your resume and get jobs ranked, your resume tailored, and employee contacts found automatically.
Get started freeNo credit card to start