Security Architect

About Goodfire Goodfire is a research company using interpretability to understand, learn from, and design AI systems. Our mission is to build the next generation of safe and powerful AI—not by scaling alone, but by understanding the intelligence we're building. Scaling has proven powerful, but today's approach is fundamentally limited: we can't meaningfully understand, debug, or shape what models learn. Every engineering discipline has been gated by fundamental science and AI is at that inflection point now. We're advancing the science of how AI systems actually work. Treating models as black boxes is an unnecessary handicap—we have access to the structures inside them, and understanding those structures lets us steer what models learn, make them safer and more useful, and extract the vast knowledge they contain. Our goal is to make AI that can be understood, debugged, and shaped like software. Goodfire is a public benefit corporation headquartered in San Francisco with a team of the world’s top interpretability researchers and engineers from organizations like OpenAI and DeepMind. We're backed by over $200M from B Capital, Menlo Ventures, Lightspeed, Eric Schmidt, and others. About the role We're looking for a Security Architect to own IT and physical security operations at Goodfire. The stakes in AI development are extremely high, and we need to protect ourselves against sophisticated threats. In this role, you will lead our efforts to keep Goodfire secure against global risks. This is a foundational role. Your responsibilities will include protecting our cloud infrastructure, securing company intellectual property, managing access to IT systems, and overseeing physical security for our offices. You will defend Goodfire against sophisticated actors seeking to infiltrate our systems. This position reports directly to the CTO.  Where you'll contribute Infrastructure & DevOps – Protecting our cloud environments, CI/CD pipelines, and production systems from attackers. IT Operations – Centralizing endpoint security, identity and access management, and physical devices.  Physical Security – Leading office access controls, visitor management, and physical security measures appropriate for an AI research lab. Security Culture – Building a security culture which is ready to protect the organization from state level threats. Key responsibilities Design and implement security controls across cloud infrastructure (research cluster, platform APIs). Own identity and access management, including SSO, hardware authentication, and least-privilege access policies. Manage endpoint security, device management, and IT systems. Establish and maintain security monitoring, logging, and incident response capabilities. Conduct security assessments and work with engineering teams to remediate vulnerabilities. Develop and maintain security policies, documentation, and compliance frameworks. Manage physical security systems including access controls and office security. Respond to security incidents across all domains—digital and physical. What you'll bring &lt