Position Overview

Simbe deploys AI-powered robots across enterprise retail at scale. Winning and retaining those accounts requires a security posture that matches the sophistication of the customers we serve — and the complexity of what we build. This role owns that posture end to end: from the laptops on employees' desks to the robots operating on store floors.

This is a high level and hands-on IC role with high ownership and direct access to leadership. The right person is equally comfortable as the first call when something breaks and the one presenting our compliance roadmap to the board.

Responsibilities

Corporate IT & Operations

• Device lifecycle and desktop support for a distributed workforce

• Onboarding/offboarding provisioning across the full SaaS and tooling stack

• Office network design, maintenance, and physical access controls at HQ

• SSO/IdP, MDM, and SaaS access management

• System administration for company-wide SaaS tools (Google Workspace, Slack, Atlassian, and others); collaborate with Engineering on access and security where corporate and infrastructure systems intersect

Security & Compliance

• Endpoint security, IAM, vulnerability management, and incident response

• Security policy development and employee security awareness program

• Own security and privacy certification end to end: readiness, controls implementation, audit coordination, and ongoing compliance

Product & Connected Systems Security

• Stay current on cybersecurity risks relevant to robotics, edge AI, and retail environments; translate emerging threats into actionable guidance for Engineering and Product

• Advise on security architecture for new product features and customer integrations — threat modeling, access controls, data handling — without being in the critical path

• Assess cybersecurity risk across the robot fleet and customer-deployed systems; surface findings to leadership and flag issues that require remediation

AI Security & Governance

• Serve as Simbe's internal expert on AI/ML security: track emerging attack vectors, threat research, and evolving frameworks and translate findings into actionable guidance for Engineering, Product, and leadership

• Assess security risks in Simbe's AI systems — model endpoints, inference pipelines, LLM integrations — and recommend controls around adversarial inputs, prompt injection, model extraction, and data exposure

• Develop and enforce AI tool governance policies for internal use: procurement criteria, data handling guardrails, and acceptable use standards

• Help employees use AI tools effectively and safely; provide training and guardrails as the tooling landscape evolves

Requirements

5–8 years across corporate IT and security; startup experience required

Hands-on security and privacy certifications to support business growth

Strong command of MDM, SSO/IdP, endpoint protection, and cloud security

Working knowledge of OT/IoT security concepts; edge device or embedded systems security experience a plus

Deep knowledge of AI/ML security risks and familiarity with applicable frameworks (NIST AI RMF, OWASP LLM Top 10, MITRE ATLAS); experience applying these in a product or enterprise environment, not just theoretical exposure

Operates well without a team under them; comfortable building from scratch

135000 - 165000 USD a year