Job Specifications
Founded in Silicon Valley in 2009 by Marc Andreessen and Ben Horowitz, Andreessen Horowitz (aka a16z) is a venture capital firm that backs bold entrepreneurs building the future through technology. We are stage agnostic. We invest in seed to venture to growth-stage technology companies, across AI, bio + healthcare, consumer, crypto, enterprise, fintech, games, and companies building toward American dynamism. a16z has $46B in assets under management across multiple funds.
We've established a team that is defined by respect for the entrepreneur and the company-building process; we know what it's like to be in the founder's shoes. We've invested in companies like Affirm, Airbnb, Coinbase, Databricks, Devoted Health, Insitro, Figma, GitHub, Instacart, OpenSea, Roblox, Stripe, and Substack. Our team is at the forefront of new technology, helping founders and their companies impact and change the world.
The Role
As the Partner, Cybersecurity Software Engineer at a16z, you will be a hands-on, high-impact contributor driving security outcomes well beyond the cybersecurity team. Reporting to the Chief Information Security Officer, you'll work closely with developers, infrastructure engineers, and platform owners to embed security into the firm's cloud infrastructure, developer tools, and internal systems. This is a high-autonomy, high-leverage role on a small team where you'll build scalable, AI-native security solutions that mitigate risk, reduce attack surface, enhance detection, and accelerate response.
Your work will focus on secure software development practices, software supply chain security, container and artifact validation, modern identity architectures, and CI/CD-integrated security testing. You'll apply data, analytics, and large language models to create intelligent systems that adapt to an evolving threat landscape, including advanced persistent threats and novel attack vectors. Most importantly, you will be a force multiplier--democratizing cybersecurity across the firm by enabling self-service models, accelerating delivery, and empowering teams to move quickly without compromising trust.
This role blends cloud infrastructure engineering with security software development, ideal for someone who moves fluently between systems, code, and architecture, and thrives in shaping secure, scalable foundations that teams can build on.
We are open to candidates based in the San Francisco Bay Area, CA. The role requires an in office presence at least 2 days a week in our Menlo Park, CA or San Francisco, CA office.
To join our team, you should be excited to:
Lead the design and development of security solutions that mitigate risk, reduce attack surface, enhance detection, and accelerate incident response
Engineer secure infrastructure and platform-level controls, including Kubernetes, containerized workloads, API protection, and deployment patterns for hyperscaler environments (AWS and GCP)
Implement and manage scalable security controls across the software development lifecycle, integrating CI/CD pipelines, infrastructure-as-code, artifact governance, API security, and early-stage vulnerability management
Improve the security posture of enterprise systems, including endpoint security, network segmentation, device management, and identity and access layers such as MFA, passwordless auth, OIDC/SAML, AuthZ/AuthN, ABAC, and secrets management
Build self-service security tooling and automation frameworks that enable engineering and IT teams to move independently and securely, with a focus on improving developer experience (DX) and minimizing friction in secure-by-default workflows
Develop and improve core security capabilities using data, analytics, and large language models, enabling adaptive detection, intelligent decisioning, and scalable response
Build and maintain security telemetry and observability pipelines, enabling real-time detection, investigation, and performance monitoring across distributed systems
Architect composable infrastructure security design patterns, including reusable cloud deployment baselines and hardened service configurations
Drive data protection and privacy engineering efforts, ensuring encryption, tokenization, access control, and policy enforcement for sensitive data such as PII, PHI, and NPI
Democratize security practices across the firm, empowering teams through documented patterns, reusable components, and DX-first tooling that integrates seamlessly into their workflows
Collaborate across engineering, platform, and business teams to scale trust, align security with team velocity, and reduce friction in delivery pipelines
Author and maintain secure architecture standards, reference implementations, and reusable security patterns that promote consistency, resilience, and agility across teams
Minimum Qualifications
A minimum of 5 years of progressive experience in cybersecurity, cloud infrastructure, or software engineering, with a proven track record of building secure systems