Security Engineer

About Menlo Menlo Research is an Applied R&D lab building Asimov, an open-source humanoid robot platform, and the full software stack that powers it.

Our mission is to make humanoid labor economically viable -- turning software into physical labor at scale.

We build across the full stack: hardware architecture, locomotion, autonomy, simulation, and infrastructure.

We move fast, ship to real robots, and open-source everything we can.

If you want your work to matter beyond a paper or a demo, this is the place.

The Role This is not a role for running scans or writing policies that gather dust.

We want someone who thinks like a builder and a breaker: someone who gets deep into the stack, understands how things are supposed to work, and knows what happens when they don't.

Menlo does not have a dedicated security function yet.

You will be the first.

That means defining the unified security strategy across cloud and on-premise robot deployments, owning the threat surface, building the tooling, and setting the standards the rest of the team builds against.

Full ownership, no inherited playbook.

What You'll Do Own the threat model across Menlo Platform: Robot API, Asimov API, Uranus, Cyclotron, and the deployment loop Develop and maintain a comprehensive security framework spanning Menlo Cloud and on-premise robot deployments at customer and operator sites Design and enforce RBAC and modern authentication protocols across the fleet and developer platform Implement end-to-end encryption for data at rest and in transit, covering robotic telemetry, sensor streams, and training data Establish secure and auditable remote access solutions for engineers troubleshooting robots in the field Define and enforce the trust model across Platform APIs, covering authentication, authorization, and agent identity Model attack surfaces in the agent-to-hardware translation layer, with focus on safety envelope bypass, rollback integrity, and telemetry tampering Own secrets management, credential lifecycle, and supply chain security for Platform dependencies Audit and harden infrastructure deployments across IaC tooling including Terraform, Helm, and Ansible Build and maintain tooling for vulnerability management, secret scanning, dependency auditing, and incident detection Embed security review into the deployment loop: packaging, versioning, and rollback pipelines Partner with Infrastructure on security requirements for Menlo Cloud without owning the infrastructure itself What We're Looking For 5 or more years as a software or security engineer with strong hands-on security depth Experience defining security boundaries in distributed systems, including hybrid cloud and on-premise environments Hands-on Linux systems engineering and networking experience Proficiency with IaC tooling such as Terraform, Helm, or Ansible Experience with Kubernetes and securing containerized environments Ability to threat model novel attack surfaces, including hardware-adjacent or agent-driven software Proficiency in Python or Go Comfortable operating as the first security hire, without a team or playbook to fall back on Strong engineering judgment and clear written communication Bonus Points Experience with robotics, embedded systems, or IoT security Familiarity with agentic frameworks, LLM infrastructure, or AI platform security Prior work in environments with physical safety requirements Contributions to open-source security tooling or research Experience with secure remote access solutions for industrial or field-deployed hardware Why Join Menlo ? You will be the first security hire at a company building at the intersection of embodied AI and humanoid robotics.

What you build here will be foundational.

There is no bureaucracy between you and the problem.