Senior Security Engineer (Application & Cloud Security)

WHO WE ARE: MagicSchool is the premier generative AI platform for teachers. We're just over 2 years old, and more than 7 million teachers from all over the world have joined our platform. Join a top team at a fast growing company that is working towards real social impact. Make an account and try us out at our website and connect with our passionate community on our Wall of Love.

Senior Security Engineer

Role Description

As Senior Security Engineer (Application & Cloud Security), you will serve as the primary security enabler for our Engineering, Product, and Design teams - building the practices, tooling, and trust that allow developers to move fast without introducing risk. You'll report directly to the Director of IT and play a critical role in protecting the systems educators and students rely on every day.

MagicSchool is operating in a compliance-critical environment serving millions of educators and students. The security foundation is being actively built - not inherited - and this role is central to getting it right.

Responsibilities

In this role, you will be responsible for driving towards the following outcomes:

• Secure Development Lifecycle & Vulnerability Management: Champion secure development practices including threat modeling, code reviews, and dependency monitoring. Lead the implementation and ongoing management of StackHawk and GitHub Advanced Security for automated scanning, triage emerging threats like compromised packages and zero-day disclosures, and build developer-friendly workflows that integrate security without sacrificing velocity.

• Infrastructure & Architecture Security: Partner with IT and engineering leadership to maintain core security infrastructure - including firewall management, content filtering, and privilege access controls. Serve as a trusted security advisor in architecture conversations, helping teams design systems that are secure by default across AWS, Google Cloud, and on-prem environments.

• Identity & Access Management: Own the end-to-end IAM security strategy across cloud (AWS, GCP), SaaS, and internal tooling — including identity lifecycle management, SSO/SAML/OIDC configuration, role-based and attribute-based access controls, and zero-trust access patterns. Partner with IT and engineering to enforce least-privilege principles, govern developer and service account access, and build scalable access review processes that hold up under SOC 2 scrutiny.

• Red Teaming & Threat Assessment: Design and execute threat modeling exercises tailored to the unique attack surface of an AI-powered EdTech platform - including student data exposure, AI model misuse, and high-risk windows such as fundraising cycles. Plan and oversee red team assessments, either internally or through third-party partners.

• Incident Response & Preparedness: Serve as first responder and on-call point of contact for security incidents. Own and evolve incident response playbooks, lead postmortems, and run internal enablement programs - including workshops and simulations - that build security awareness and readiness across engineering and staff.

• Cross-Functional Alignment: Partner with IT and Compliance to support SOC 2, FERPA, and COPPA programs, and ensure engineering efforts stay aligned with our regulatory commitments.

Qualifications/Competencies/Skills

To be successful in this role, you’ll bring the following skills and competencies:

• Security Expertise & Tooling: Hands-on experience with SAST, DAST, and SCA tooling - ideally including StackHawk and GitHub Advanced Security - and cloud-native security within AWS and/or Google Cloud. Prior involvement in offensive security or red teaming.

• Threat Modeling & Architecture: Strong experience conducting or facilitating threat modeling using formal frameworks (e.g., STRIDE, PASTA) or lightweight iterative approaches. Comfortable serving as a security advisor in live architecture conversations.

• Technical Depth & Developer Partnership: You work directly inside engineering teams — through pull request feedback, pair programming, architecture reviews, and daily Slack presence — embedding security into the development workflow rather than reviewing it after the fact. You're a hands-on technical contributor first, and you measure success by the security improvements shipping in code.

• AI Application Security: Experience securing LLM-integrated or AI-powered products, with an understanding of the unique threat surfaces they introduce.

• Communication & Influence: Ability to translate complex security topics for both technical and non-technical stakeholders. Skilled at building cross-functional trust and coaching engineers on security principles without compromising developer velocity.

Experience

To be successful in this role, you’ll bring the following experience and qualifications:

• At least 5 years of experience in application or cloud security, with a track record of advancing security practices in fast-paced engineering environments.

• Proven track record of embedding directly into engineering teams - improving security posture, reducing vulnerability exposure, and building developer trust without compromising velocity.

Nice to Have:

• Experience supporting security components of SOC 2, FERPA, or COPPA programs

• Experience with StackHawk, GitHub Advanced Security, or comparable SAST/DAST tooling

• Familiarity with AI/LLM application security or threat modeling for AI-integrated products

• Experience in EdTech or other compliance-heavy B2B SaaS environments (SOC 2, FERPA, COPPA)

• Prior experience as a solo or small-team security function in a high-growth startup

Application Notice

Notice: Priority Deadline and Review Start Date Please note that applications for this position will be accepted until 4/26/26 - applications received after this date will be reviewed on an intermittent basis. While we encourage early submissions, all applications received by the priority deadline will receive equal consideration. Thank you for your interest, and we look forward to reviewing your application.

Why Join Us?

• Work on cutting-edge AI technology that directly impacts educators and students.

• Join a mission-driven team passionate about making education more efficient and equitable.

• Flexibility of working from home, while fostering a unique culture built on relationships, trust, communication, and collaboration with our team - no matter where they live.

For full time employees:

• Unlimited time off to empower our employees to manage their work-life balance. We work hard for our teachers and users, and encourage our employees to rest and take the time they need.

• Choice of employer-paid health insurance plans so that you can take care of yourself and your family. Dental and vision are also offered at very low premiums.

• Every employee is offered generous stock options, vested over 4 years.

• 401k match & monthly wellness stipend.

Our Values:

• Educators are Magic:  Educators are the most important ingredient in the educational process - they are the magic, not the AI. Trust them, empower them, and put them at the center of leading change in service of students and families.

• Joy and Magic: Bring joy and magic into every learning experience - push the boundaries of what’s possible with AI.

• Community:  Foster community that supports one another during a time of rapid technological change. Listen to them and serve their needs.

• Innovation:  The education system is outdated and in need of innovation and change - AI is an opportunity to bring equity, access, and serve the individual needs of students better than we ever have before.

• Responsibility: Put responsibility and safety at the forefront of the technological change that AI is bringing to education.

• Diversity: Diversity of thought, perspectives, and backgrounds helps us serve the wide audience of educators and students around the world.

• Excellence:  Educators and students deserve the best - and we strive for the highest quality in everything we do.