Product Security Tech Lead

Who We Are

TetraScience is the Scientific Data and AI company. We are catalyzing the Scientific AI revolution by designing and industrializing AI-native scientific data sets, which we bring to life in a growing suite of next-gen lab data management solutions, scientific use cases, and AI-enabled outcomes.

TetraScience is the category leader in this vital new market, generating more revenue than all other companies in the aggregate. In the last year alone, the world’s dominant players in compute, cloud, data, and AI infrastructure have converged on TetraScience as the de facto standard, entering into co-innovation and go-to-market partnerships: Latest News and Announcements | TetraScience Newsroom

In connection with your candidacy, you will be asked to carefully review the Tetra Way letter, authored directly by Patrick Grady, our co-founder and CEO. This letter is designed to assist you in better understanding whether TetraScience’s values and ethos are the right fit for you.

It is impossible to overstate the importance of this document and you are encouraged to take it literally and reflect on whether you are aligned with our unique approach to company and team building. If you join us, you will be expected to embody its contents daily.

What You Will Do

We’re looking for a hands-on Product Security Technical Lead to drive the design, implementation, and evolution of our security engineering program. You’ll lead a team of Security Engineers focused on hardening our SaaS and data platforms by breaking things before attackers do — identifying vulnerabilities, building secure infrastructure, and integrating protection across our CI/CD pipelines. This role demands deep technical expertise across AWS, Python, and application & cloud security, along with a hacker’s curiosity and a builder’s discipline. You’ll have complete ownership of product and cloud security from architecture to execution. You’ll lead by doing — hacking, breaking, and building resilient systems. Be part of a company where security isn’t an afterthought — it’s a product feature.

Key Responsibilities

• Own and evolve the organization’s entire application security posture, with a focus on application and cloud security across all product lines

• Perform offensive and defensive security assessments — threat modeling, code review, penetration testing, and vulnerability exploitation.
• Build and integrate automated security tooling (SAST, DAST, dependency scanning, IaC scanning) into CI/CD pipelines
• Develop security automation and internal tooling using Python, Bash, or Go.• Partner with Engineering, DevOps, and Infrastructure teams to ensure secure AWS architectures (VPC, IAM, KMS, GuardDuty, CloudTrail, WAF).
• Oversee incident response and root cause analysis for product and infrastructure-level security events.
• Define and enforce secure coding standards, and lead threat modeling sessions for critical features and services
• Continuously hunt for vulnerabilities, test assumptions, and “break things safely” to strengthen the platform

Requirements:
• Bachelor's degree in computer science or another equivalent degree
• 8+ years of hands-on experience in Application, Cloud, or Product Security roles, with lead or staff-level responsibilities
• Deep expertise in AWS security architecture and service hardening
• Advanced programming and scripting ability in Python (Bash or Go a plus)
• Proven experience with offensive security: hacking, exploit analysis, or red team operations
• Strong foundation in vulnerability management, threat modeling, and incident response
• Proficient with DevSecOps tools and modern CI/CD environments
• Familiarity with container and orchestration security (Docker, Kubernetes, EKS)
• Certifications such as AWS Certified Security – Specialty, OSCP, or CISSP are a big plus

Benefits:
• 100% employer paid benefits for all eligible employees and immediate family members.
• 401K.
• Unlimited paid time off (PTO).
• Flexible working arrangements.
• Company paid Life Insurance, LTD/STD.