Infrastructure Security Engineer Jobs in San Francisco, CA

Who We Are

Serval is an AI-native automation platform transforming how enterprises operate. We build intelligent agents that understand real-world workflows and execute them end-to-end — replacing manual processes and rigid legacy systems with adaptive, learning software. Founded in early 2024, Serval is already trusted by companies like Fox, Notion, Perplexity, Vercel, and Brex to automate high-volume, high-friction operational work across their organizations.

At the core of Serval is an agentic AI platform that turns natural language into production-grade workflows. Our agents don’t just respond to requests — they reason, take action across systems, and continuously improve with usage. What began with operational use cases has quickly evolved into a horizontal AI automation layer used across IT, HR, Finance, Security, Legal, and Engineering.

Our mission is to eliminate repetitive, manual work across the enterprise and give teams leverage through intelligent automation. Long term, we’re building the universal AI operations layer — a system of agents that sits across business functions and runs the workflows that keep modern companies moving.

We’re backed by leading investors including Sequoia Capital, Redpoint Ventures, Meritech, First Round, General Catalyst, Elad Gil, and others.

Role Overview

As Corporate Security Lead, you'll build and scale the foundations of how Serval secures its workforce, devices, and the SaaS systems the company runs on. You will set the strategy and drive execution for endpoint security across our fleet, device trust, SaaS security posture, workforce identity, and corporate network access. You’ll make it easy for employees to do their jobs securely while keeping the corporate environment defensible against sophisticated adversaries.

You'll be a hands-on leader with deep technical credibility and strong operational instincts. You will build and mentor a team, partner closely with IT, Engineering, D&R and Infrastructure Security, and ensure that strong device posture, least-privilege access, and secure-by-default corporate systems are the path of least resistance for the people who work here.

• Own endpoint security for our fleet, maintain hardened configuration baselines, endpoint detection and protection, full-disk encryption, patch and compliance posture, and centralized device management at scale.
• Stand up and operate a device trust program so that only healthy, managed, and attested devices can reach corporate and production resources, with posture continuously verified as a condition of access.
• Implement binary authorization and application controls on endpoints, allowlisting and execution policy that prevents unauthorized or untrusted software from running, with a workflow that scales without grinding engineering to a halt.
• Build a SaaS Security Posture Management practice across the company's SaaS estate, securing configurations, monitoring for drift, and governing third-party application access, with particular focus on OAuth grant and integration governance against the corporate identity and productivity suite.
• Own workforce identity and access, single sign-on, strong/phishing-resistant multi-factor authentication, and joiner/mover/leaver lifecycle, enforcing least privilege across corporate systems.
• Lead corporate network security, including rollout of certificate-based, port-level network access control (e.g., 802.1x) across offices, and partnering with Infrastructure Security on zero-trust / mesh network access policies and ACLs.
• Build, lead, and directly mentor a team spanning endpoint security, corporate/SaaS security, and identity, hiring and scaling these functions deliberately and proportionately as Serval grows.
• Embed security into how the company works by design, partnering across IT, Engineering, and People teams so that secure defaults and paved roads are easier than the insecure alternative, and using Serval's own agents to automate corporate-security operations.

• Have 10+ years in cybersecurity with deep expertise in corporate/enterprise security, endpoint security, and workforce identity.
• Have deep, hands-on expertise securing and managing a Mac-native fleet, MDM, configuration management, hardening, and endpoint protection on macOS.
• Have built or operated device trust, binary authorization/application allowlisting, and SaaS security posture management programs in a fast-moving environment.
• Have a strong command of workforce identity (SSO, phishing-resistant MFA, lifecycle automation) and third-party OAuth application governance across a corporate identity and productivity suite.
• Have experience rolling out certificate-based network access control (802.1x) and partnering on zero-trust / mesh network access policies and ACLs.
• Have stellar leadership skills and a demonstrated history of driving durable, continuous improvements to programs, processes, and people.
• Have strong engineering and automation instincts, comfortable scripting, building tooling, and treating corporate-security controls as code rather than one-off manual configuration.
• Have deep experience building and leading endpoint, corporate/SaaS security, and identity teams.
• Are mission-oriented, have unimpeachable integrity, and are passionate about securing a modern, high-trust workforce in a complex, fast-paced environment.

What We Offer

• Impact: Be a key player in shaping the success of our product and company.
• Growth: Build a fundamentally new AI product offering with the support of our experienced team and investors. Grow rapidly with the company.
• Culture: Join a culture that values innovation, ownership, accountability, and fun.

Compensation Range: $200K - $325K