Aspect Software is reimagining the human experience at work, focusing on AI-driven solutions for complex contact centers. They are seeking a Staff AI Security & DevSecOps Engineer to ensure the secure deployment of autonomous AI technologies across the organization, managing technical controls and enhancing security measures in R&D workflows and enterprise architectures.
Responsibilities:
- Establish R&D AI Guardrails: Secure the rollout of advanced AI development tools and AI-assisted engineering workflows by implementing robust allow/deny controls for repositories, directories, commands, and execution modes
- Harden current DevSecOps & SDLC: Review and secure GitHub permissions, audit logging, and CI/CD pipelines against AI-amplified risks; integrate SAST/SCA and secret-scanning guardrails
- Pioneer AI Observability: Instrument OpenTelemetry pipelines to capture autonomous AI tool actions, routing telemetry into Datadog to build comprehensive engineering and executive dashboards
- Drive Detection Engineering: Create, maintain, and triage playbooks and alert systems for prompt-injection behaviors, suspicious tool sequences, and anomalous access patterns
- Enforce Endpoint & SaaS Governance: Partner with IT and MDM to validate enterprise Endpoint/XDR coverage on developer devices, while building cross-SaaS correlation logs to monitor data movement and permission changes across Tier-1 corporate systems
- Cultivate Audit Excellence: Maintain the technical backbone for AI exception processing and produce audit-ready evidence aligned to SOC 2 and ISO 27001 expectations
Requirements:
- Possess 6+ years of deep security engineering experience spanning secure SDLC, pipeline hardening, artifact integrity, and secret handling
- Expert-level fluency in securing code repositories, establishing branch protections, enforcing CODEOWNERS, and designing PR review rules
- Extensive experience building logging and telemetry pipelines utilizing OpenTelemetry collectors, log routing, and normalization
- Proven ability to operate within Datadog or equivalent SIEM platforms to write actionable detections, investigate complex security events, and build practical response playbooks
- Exceptional ability to collaborate with Engineering, IT, and legal stakeholders to turn abstract security requirements into default-safe developer workflows
- Practical experience evaluating enterprise AI control-plane tooling, LLM gateways, and governing integrations, plugins, or Model Context Protocol (MCP) servers
- Experience with enterprise Endpoint/XDR platforms, identity telemetry (SSO/IdP), and cloud audit logs (AWS CloudTrail/GCP Audit Logs)