a16z is hiring a

Web3 Partner 20, Cybersecurity Software Engineer

We’ve established a team that is defined by respect for the entrepreneur and the company-building process; we know what it’s like to be in the founder’s shoes. We’ve invested in companies like Affirm, Airbnb, Coinbase, Databricks, Devoted Health, Insitro, Figma, GitHub, Instacart, OpenSea, Roblox, Stripe, and Substack. Our team is at the forefront of new technology, helping founders and their companies impact and change the world.

The Role

As the Partner, Cybersecurity Software Engineer at a16z, you will be a hands-on, high-impact contributor driving security outcomes well beyond the cybersecurity team. Reporting to the Chief Information Security Officer, you’ll work closely with developers, infrastructure engineers, and platform owners to embed security into the firm’s cloud infrastructure, developer tools, and internal systems. This is a high-autonomy, high-leverage role on a small team where you’ll build scalable, AI-native security solutions that mitigate risk, reduce attack surface, enhance detection, and accelerate response.

Your work will focus on secure software development practices, software supply chain security, container and artifact validation, modern identity architectures, and CI/CD-integrated security testing. You’ll apply data, analytics, and large language models to create intelligent systems that adapt to an evolving threat landscape, including advanced persistent threats and novel attack vectors. Most importantly, you will be a force multiplier—democratizing cybersecurity across the firm by enabling self-service models, accelerating delivery, and empowering teams to move quickly without compromising trust.

This role blends cloud infrastructure engineering with security software development, ideal for someone who moves fluently between systems, code, and architecture, and thrives in shaping secure, scalable foundations that teams can build on.

We are open to candidates based in the San Francisco Bay Area, CA. The role requires an in office presence at least 2 days a week in our Menlo Park, CA or San Francisco, CA office. 

To join our team, you should be excited to:

• Lead the design and development of security solutions that mitigate risk, reduce attack surface, enhance detection, and accelerate incident response
• Engineer secure infrastructure and platform-level controls, including Kubernetes, containerized workloads, API protection, and deployment patterns for hyperscaler environments (AWS and GCP)
• Implement and manage scalable security controls across the software development lifecycle, integrating CI/CD pipelines, infrastructure-as-code, artifact governance, API security, and early-stage vulnerability management
• Improve the security posture of enterprise systems, including endpoint security, network segmentation, device management, and identity and access layers such as MFA, passwordless auth, OIDC/SAML, AuthZ/AuthN, ABAC, and secrets management
• Build self-service security tooling and automation frameworks that enable engineering and IT teams to move independently and securely, with a focus on improving developer experience (DX) and minimizing friction in secure-by-default workflows
• Develop and improve core security capabilities using data, analytics, and large language models, enabling adaptive detection, intelligent decisioning, and scalable response
• Build and maintain security telemetry and observability pipelines, enabling real-time detection, investigation, and performance monitoring across distributed systems
• Architect composable infrastructure security design patterns, including reusable cloud deployment baselines and hardened service configurations
• Drive data protection and privacy engineering efforts, ensuring encryption, tokenization, access control, and policy enforcement for sensitive data such as PII, PHI, and NPI
• Democratize security practices across the firm, empowering teams through documented patterns, reusable components, and DX-first tooling that integrates seamlessly into their workflows
• Collaborate across engineering, platform, and business teams to scale trust, align security with team velocity, and reduce friction in delivery pipelines
• Author and maintain secure architecture standards, reference implementations, and reusable security patterns that promote consistency, resilience, and agility across teams

Minimum Qualifications

• A minimum of 5 years of progressive experience in cybersecurity, cloud infrastructure, or software engineering, with a proven track record of building secure systems across complex environments
• Hands-on experience designing and implementing security architectures and engineering controls that protect against advanced threats and support scalable, cloud-native infrastructure
• Deep technical knowledge of modern operating systems (Linux, Windows, macOS), network protocols, system internals, and enterprise IT environments
• Proficiency in scripting and automation languages including Python and Bash; PowerShell for Windows environments
• Familiarity with Infrastructure as Code (IaC) tools such as Pulumi or Terraform, with experience managing secure, repeatable deployments in AWS or GCP
• Familiarity with Go, Rust or TypeScript for building security tooling or developer integrations
• Demonstrated expertise in securing modern cloud platforms (AWS and GCP strongly preferred), with experience in native services, IAM models, and automation patterns
• Experience with Kubernetes and container security, including workload isolation, runtime protection, and orchestration-level controls
• Practical understanding of API security, CI/CD integration, software supply chain risks, and security testing tools (SAST, DAST, SCA)
• Strong grasp of identity and access management (IAM), including authentication protocols (OIDC, SAML), MFA, secrets management, and attribute-based access control (ABAC)
• Excellent written and verbal communication skills, with the ability to convey complex technical concepts to diverse stakeholders
• Ability to work independently in a fast-paced, high-autonomy environment, while also collaborating effectively across engineering, IT, and security teams
• High degree of ownership, curiosity, and a continuous learning mindset to stay ahead of evolving threats and emerging technologies
• Relevant certifications such as CISSP, OSCP, GIAC, or Cloud Security Alliance certifications are preferred but not required
• Bachelor’s degree in Cybersecurity, Computer Science, Engineering, or a related technical field is preferred but not required
• Low ego, high empathy, and the capacity to collaborate effectively with diverse teams

The anticipated salary range for this role is between $243,000 - $284,000, actual starting pay may vary based on a range of factors which can include experience, skills, and scope.

This role is eligible to participate in the a16z carry program and various discretionary bonus programs as well as benefit and perquisite plans including health, dental, vision, disability, life insurance, 401K plan, vacation, and sick leave.