As a Senior/Lead Security Engineer, you'll be a vital part of the Infrastructure Security Team, focusing on strengthening the security posture across Klaviyo's entire technology environment, developing security architectures and repeatable patterns and mentoring colleagues and junior security engineers. Unlike roles with a narrowly defined specialty, this position offers the opportunity to demonstrate your unique expertise-whether that's in cloud security, identity and access management, data protection, secure systems design, or other security domains. Your work will involve evaluating and hardening our infrastructure, collaborating with cross-functional teams, and leveraging AI to build scalable solutions to address emerging threats.

We are looking for someone who is excited to bring their specialized skills to the team, shaping Klaviyo's security practices and helping us continue to raise the bar.

• Secure Klaviyo's infrastructure by designing, implementing, and maintaining scalable security controls across cloud, on-prem, and hybrid environments
• Evaluate and improve security configurations and policies across a range of technologies, using your domain expertise to reduce risk and enable secure-by-default architectures
• Collaborate with engineering and IT teams to embed security practices and develop repeatable security patterns across the development and deployment lifecycle
• Lead threat modeling, risk assessments, and architecture reviews in areas aligned with your specialty
• Develop automated solutions and infrastructure-as-code to drive consistent and reproducible security outcomes
• Stay ahead of the latest threats and advocate for innovative security solutions aligned with business needs
• Help define security standards and best practices at Klaviyo, championing their adoption across teams

• Have 5+ years of experience in infrastructure or security engineering roles, with deep knowledge in one or more security focus areas (eg, cloud security, IAM, endpoint security, data protection, detection engineering, compliance)
• Comfortable navigating ambiguity and defining priorities in a broad-scoped role
• Experienced working in modern cloud environments such as AWS, GCP, or Azure
• Familiar with infrastructure-as-code tools such as Terraform, CloudFormation, or Pulumi
• Proficient in secure systems design, threat modeling, and vulnerability management
• AI Agentic development and prompt engineering, MCP (AWS Bedrock, OpenAI, Anthropic)
• Able to clearly articulate complex security topics to technical and non-technical stakeholders
• Passionate about security, eager to learn from others and share your expertise
• Nice to have - certifications (eg, CISSP, CKS, GCP/AWS Security certs) or equivalent practical experience

At Klaviyo, we value the unique backgrounds, experiences and perspectives each Klaviyos brings to our workplace each and every day. We believe everyone deserves a fair shot at success and appreciate the experiences each person brings beyond the traditional job requirements. If you're a close but not exact match with the description, we hope you'll still consider applying. Want to learn more about life at Klaviyo? Visit careers.klaviyo.com to see how we empower creators to own their own destiny.