Security Engineer - Application & AI Security (REMOTE)

Bachelor’s degree in Computer Science, Information Security, Engineering, or a related technical field required. 3+ years in hands-on application security, DevSecOps, or security engineering roles. Proven experience building and configuring secure CI/CD pipelines (Jenkins, GitLab CI, GitHub Actions, Azure DevOps). Deep proficiency with cloud security in AWS, Azure, or GCP environments. Strong implementation experience with infrastructure as code (Terraform, CloudFormation) and container security (Docker, Kubernetes). Strong scripting and automation skills (Python, Bash, PowerShell) for security tooling. Versatility across web/API security, data pipeline security, microservices, and database security. Understanding of security frameworks (NIST, ISO 27001, SOC 2) and compliance requirements (GDPR, HIPAA, PCI-DSS). Hands-on experience deploying and configuring security scanning tools (SAST, DAST, SCA). Excellent communication skills—ability to translate security requirements into working technical implementations. Experience working embedded within cross-functional development teams. Proven track record of hands-on problem-solving in fast-paced development environments. Hands-on experience with AI/ML security, model security, and data governance Technical knowledge of LLM security, prompt injection prevention, and AI agent safety Strong coding background in Python, Go, or similar languages. Background in software development or engineering transitioning to security. Direct experience implementing secrets management solutions (HashiCorp Vault, AWS Secrets Manager). Practical experience with zero trust architecture implementation. Familiarity with data security, ETL processes, and data warehouse security. Experience with microservices architectures and distributed systems security.

Bridge security policy and technical execution by translating organizational security requirements into practical, deployable solutions across applications, data environments, and AI systems. Design, build, and deploy security controls across web applications, data pipelines, APIs, and Agentic AI systems to ensure confidentiality, integrity, and availability. Implement secure-by-design practices throughout the software development lifecycle, including code-level remediations, configuration hardening, and secure infrastructure deployment. Develop automation scripts and infrastructure-as-code to integrate security into CI/CD pipelines, enabling continuous compliance, secrets management, vulnerability scanning, and environment hardening. Implement and operationalize AI-specific security frameworks by building guardrails for agentic models, securing data flows, and integrating AI security tooling into development workflows. Perform hands-on technical security assessments, including penetration testing, threat modeling, and code reviews, and directly remediate identified vulnerabilities. Collaborate with cloud and DevOps teams to deploy monitoring and detection controls and ensure secure configuration baselines across environments. Provide practical security guidance and training to developers and engineers during architecture reviews, sprint planning, and project delivery. Continuously evaluate and improve the organization’s security posture through testing, feedback loops, and adoption of emerging best practices for AI and distributed systems. Document security architectures, configurations, and implementation patterns to support ongoing operations, compliance, and knowledge sharing.