logo inner

Security and Compliance Lead

TypeOnsite
Black Forest Labs is a cutting-edge startup pioneering generative image and video models. Our team, which invented Stable Diffusion, Stable Video Diffusion, and FLUX.1, is currently seeking a strong security and compliance to work closely with our team in building and implementing world class security and ensuring regulatory compliance across the business.

The Role:


  • Own and evolve the company-wide security strategy across infrastructure, application, and corporate environments
  • Lead our global compliance programs (e.g., ISO 27001, SOC 2) ensuring we meet regulatory and customer trust requirements. Build and maintain relationships with auditors, ensuring smooth audit processes
  • Address AI-specific compliance requirements around data usage, model governance
  • Build a comprehensive security program that scales with our AI training and inference infrastructure
  • Partner closely with engineering and Devops to embed “secure by default” principles into our architecture and development lifecycle.
  • Secure our model training infrastructure: distributed GPU clusters, data pipelines, training datasets
  • Protect inference infrastructure: model serving endpoints, API gateways, and production deployment pipelines
  • Ensure secure model versioning, storage, and deployment practices
  • Implement access controls and audit trails for sensitive training data and model weights
  • Manage and scale our IT function, ensuring a secure, efficient, and user friendly digital workplace.
  • Establish and maintain risk & governance structures, security policies, and incident response procedures.
  • Design and implement security controls for large scale Kubernetes environments hosting training and inference workloads
  • Lead internal risk assessments and external audits, and build trusted relationships with auditors and customers
  • Create and optimise detections, playbooks, and workflows to quickly identify and respond to potential incidents
  • Make impactful, risk-based security decisions aligned with business objectives
  • Establish security as a competitive advantage while maintaining development velocity

Ideal Experience:


  • 5+ years of experience in security roles (Security Officer, Security Engineer, Compliance & Security Manager)
  • Deep understanding of infrastructure security, application security, and cloud security
  • Experience performing security operations or investigations involving large scale Kubernetes environments
  • Track record of successfully managing compliance certifications (SOC 2, ISO 27001, etc.)
  • Exceptional communication and collaboration skills
  • An ability to lead projects with little guidance
  • Experience contributing to a high growth startup environment
  • Experience securing cloud infrastructure (Azure) at scale
  • Experience with or strong interest in securing ML/AI infrastructure is highly valued


Your tracker settings

We use cookies and similar methods to recognize visitors and remember their preferences. We also use them to measure ad campaign effectiveness, target ads and analyze site traffic. To learn more about these methods, including how to disable them, view our Cookie Policy or Privacy Policy.

By tapping `Accept`, you consent to the use of these methods by us and third parties. You can always change your tracker preferences by visiting our Cookie Policy.

logo innerThatStartupJob
Discover the best startup and their job positions, all in one place.
Copyright © 2025