Principal Engineer, Security

Klaviyo


Job Location:

Boston, MA - USA

Monthly Salary: Not Disclosed
Posted on: Yesterday
Vacancies: 1 Vacancy

Job Summary

At Klaviyo, we value the unique backgrounds, experiences, and perspectives each Klaviyo (we call ourselves Klaviyos) brings to our workplace each and every day. We believe everyone deserves a fair shot at success and appreciate the experiences each person brings beyond the traditional job requirements. If you're a close but not exact match with the description, we hope you'll still consider applying. Want to learn more about life at Klaviyo? Visit to see how we empower creators to own their own destiny.


Klaviyo's platform sends billions of messages and processes petabytes of customer data for hundreds of thousands of businesses. As we scale up-market and embed AI/agentic systems throughout our product and platform, security must be built into the foundation, not bolted on. The Principal Engineer, Security is a hands-on IC who owns Klaviyo's infrastructure security architecture: IAM, secrets management, network defenses, vulnerability management, security tooling, and the compliance controls that underpin our enterprise and regulatory obligations.

This is an individual-contributor role with no direct reports. You lead through technical depth, code, and design quality, partnering closely with the Core Infrastructure PE, SRE, and AppSec teams to make secure-by-default a reality for every engineering team at Klaviyo.

What You'll Do

  • Define and own Klaviyo's infrastructure security architecture: IAM frameworks, service-to-service auth, secrets management, network segmentation, and production access controls designed to scale with our multi-tenant, multi-region footprint.
  • Build and maintain security guardrails as IaC modules; codify controls into golden paths that teams inherit automatically, so security improves with velocity, not against it.
  • Own the vulnerability management program: SLO-backed triage and remediation, trend tracking, and systemic fixes that turn recurring vulnerability classes into solved engineering problems.
  • Define the security SLO and compliance framework for production infrastructure; run readiness reviews and communicate posture clearly to engineering and exec stakeholders.
  • Author security ADRs and RFCs; partner with the Core Infrastructure PE to embed security controls in CI/CD pipelines, paved roads, and the observability stack.
  • Lead threat modeling and security design reviews for high-risk architectural changes; accelerate delivery by making reviews lightweight and high-signal.
  • Partner with SRE, AppSec, and FinOps on cross-cutting initiatives: zero-trust progress, GDPR/compliance guardrails, and audit readiness for SOC 2/ISO 27001.
  • Write high-impact code, automation, and tooling; mentor Staff and Senior security engineers across teams through design pairing, code review, and example.
  • Transform workflows by putting AI at the center, building smarter systems and ways of working from the ground up.

Who You Are

  • Experience: 10 years in infrastructure or platform security engineering, with a track record of shipping security improvements that measurably reduced risk or improved compliance posture at scale.
  • Technical depth: Deep in cloud infrastructure security (AWS/GCP IAM, service mesh, mTLS, secrets management, network defenses); you architect and ship production controls, not just audit them.
  • SLO and compliance rigor: You define security SLOs, track MTTR for vulnerabilities, and communicate risk posture clearly; you translate security work into business language that non-security stakeholders act on.
  • Developer-centric mindset: You build tools and guardrails that other engineers adopt because they make their work easier, not because they're required to.
  • Cross-org influence: You align teams through threat models, security reviews, and IaC guardrails; you earn credibility via code, design quality, and clear reasoning, not title.
  • Operational excellence: You've been on-call for security incidents. You write runbooks, lead readiness reviews, and treat recurring vulnerabilities as systemic engineering problems.
  • Communication: You write crisp ADRs and RFCs, run effective security design reviews, and translate risk exposure into decisions business stakeholders can act on.
  • AI tools and automation: You've brought AI into security engineering (automated threat detection, intelligent vulnerability triage, AI-assisted compliance checks, or security copilots) with explicit guardrails and audit trails.
  • You've already experimented with AI in work or personal projects and you're excited to dive in and learn fast. You're hungry to responsibly explore new AI tools and workflows, finding ways to make your work smarter and more efficient.

Nice to Haves

  • Experience with zero-trust architecture and progressive access control in a large, multi-tenant SaaS environment.
  • Deep familiarity with enterprise compliance frameworks (SOC 2, ISO 27001, GDPR) and the infrastructure controls that underpin them.
  • Track record of embedding security tooling into CI/CD and IaC pipelines that is adopted org-wide.
  • Experience securing AI/ML systems: model access controls, data privacy guardrails, and agentic system security boundaries.

Success in 6-12 Months

  • Security guardrails codified as IaC modules and enforced in paved roads; IAM and secrets management posture measurably improved.
  • Security SLO framework established; MTTR for critical vulnerabilities trending down; recurring vulnerability classes addressed systemically.
  • Zero-trust progress measurable against defined milestones; demonstrable audit readiness for SOC 2 / ISO 27001.

Required Experience:

Staff IC

About Company

Klaviyo unifies AI-powered email marketing and SMS to drive growth, retention, and measurable results. Build personalized, omnichannel experiences across WhatsApp, ecommerce, and more with K:AI Agents.