Key skills
AWSCloudPythonSDLCTerraformAIMLGenAILLMOpenAIClaudeAnthropicRAGLangChainAgenticRemote WorkOWASPCloud Security
About this role
Role Overview
- Act as the bridge between architectural intent and operational reality; mediate conflicts between security requirements and feasible implementation, propose compensating controls where gaps exist and help register, track and remediate residual risks.
- Implement preventive, default-on security controls across cloud and enterprise environments, codified as policy
- and infrastructure-as-code so security is enforced by design, including controls that govern how AI tools and models may be used.
- Implement and enforce identity and access controls to an agreed standard, including access boundaries for AI systems and non-human/agent identities by partnering with Platform Engineering and IT to align tooling and policy to the architecture.
- Assist in maintaining the InfoSec risk register; track emerging threats and translate them into actionable guidance for engineering teams.
- Support third-party and vendor risk assessments, with a focus on vendors who process data through AI pipelines.
- Automate repetitive security workflows (evidence collection, access reviews, alert enrichment) and build or operate AI-assisted security agents — with human-in-the-loop approval gates, least-privilege credentials, and explicit attention to each agent's own blast radius.
- Integrate security tooling (SIEM, CSPM, DAST/SAST, vulnerability scanners) with LLM layers to surface actionable insight and automated responses.
- Define and enforce security requirements for AI-powered features: model access controls, prompt-injection mitigations, output validation, and data-handling boundaries.
- Conduct threat modelling on agentic and LLM-based systems, accounting for novel attack surfaces such as tool misuse, indirect prompt injection, and supply chain risk.
Requirements
- 5+ years of security engineering experience with demonstrated AI/ML security depth (prompt injection, model supply chain, adversarial inputs, RAG).
- Experience using AI tools (ChatGPT, Copilot, Claude, etc.) and LLM frameworks and APIs (OpenAI, Anthropic, LangChain, or similar) to accelerate and elevate your work.
- Hands-on identity and access expertise across modern enterprise and cloud identity stacks, including access models for AI systems and non-human identities.
- Infrastructure and policy-as-code (e.g. Terraform, OPA/Rego) and proficiency in a scripting language for automation (Python preferred).
- Cloud security expertise: AWS Solutions Architect / Security Specialty or equivalent demonstrated expertise, including multi-account governance, preventive guardrails, and policy-as-code.
- Application security (OWASP Top 10 and the OWASP LLM/GenAI Top 10, secure SDLC) and threat-modelling methodologies (STRIDE, PASTA, or equivalent). Practical experience building or operating AI agents, and integrating security tooling (SIEM, CSPM, SAST/DAST/SCA) so it surfaces action rather than raw alerts.
- Working knowledge of SOC 2 and/or ISO 27001 control frameworks.
Tech Stack
- AWS
- Cloud
- Python
- SDLC
- Terraform
Benefits
- Medical, dental and vision benefits: Affordable health care plans and company HSA contributions, starting on Day 1
- A 6% 401(k) match
- Competitive time off package with 20 days of Paid Time Off, 9 Company-Paid holidays, 2 paid floating holidays, 7 paid sick days, 2 Wellness days, and 1 Paid Volunteer Day; at 3 years of service PTO increases to 22 days, and at 5 years it increases to 25 days
- 12 weeks primary caregiver leave & 4 weeks secondary caregiver leave
- Accident, critical illness, and hospital indemnity insurance
- Pet insurance
- Legal assistance and identity theft insurance plans
- Life insurance 2x salary
- Access to the Calm app and the Employee Assistance Program
- $65/month Remote work stipend for internet
- Culture and team-building activities
- Tuition assistance
- Career development opportunities
- Charitable contribution match up to $250 per year