Security and Compliance Lead

Black Forest Labs is a cutting-edge startup pioneering generative image and video models. Our team, which invented Stable Diffusion, Stable Video Diffusion, and FLUX.1, is currently seeking a strong security and compliance leader to work closely with our team in building and implementing world-class security and ensuring regulatory compliance across the business.

• Own and evolve the company-wide security strategy across infrastructure, application, and corporate environments
• Lead our global compliance programs (e.g., ISO 27001, SOC 2) ensuring we meet regulatory and customer trust requirements. Build and maintain relationships with auditors, ensuring smooth audit processes
• Address AI-specific compliance requirements around data usage, model governance
• Build a comprehensive security program that scales with our AI training and inference infrastructure
• Partner closely with engineering and Devops to embed “secure by default” principles into our architecture and development lifecycle
• Protect inference infrastructure: model serving endpoints, API gateways, and production deployment pipelines
• Ensure secure model versioning, storage, and deployment practices
• Implement access controls and audit trails for sensitive training data and model weights
• Manage and scale our IT function, ensuring a secure, efficient, and user-friendly digital workplace
• Establish and maintain risk & governance structures, security policies, and incident response procedures
• Design and implement security controls for large-scale Kubernetes environments hosting training and inference workloads
• Lead internal risk assessments and external audits, and build trusted relationships with auditors and customers
• Create and optimise detections, playbooks, and workflows to quickly identify and respond to potential incidents
• Make impactful, risk-based security decisions aligned with business objectives
• Establish security as a competitive advantage while maintaining development velocity

• 5+ years of experience in security roles (Security Officer, Security Engineer, Compliance & Security Manager)
• Deep understanding of infrastructure security, application security, and cloud security
• Experience performing security operations or investigations involving large-scale Kubernetes environments
• Track record of successfully managing compliance certifications (SOC 2, ISO 27001, etc.)
• Exceptional communication and collaboration skills
• An ability to lead projects with little guidance
• Experience contributing to a high-growth startup environment
• Experience securing cloud infrastructure (Azure) at scale
• Experience with or strong interest in securing ML/AI infrastructure is highly valued

Voluntary self-identification and equal employment opportunity information collection is used for compliance purposes and is voluntary. Black Forest Labs is an equal opportunity employer and does not discriminate on the basis of any protected status under applicable law.