Senior AI Security Engineer

We are seeking a Senior Security Engineer to join our growing security team. As we continue building AI-powered services that deliver tremendous value to our customers worldwide, and given the rapid pace of our business growth, we are looking for experienced and capable talent to strengthen cybersecurity across all stages of product development and to collaborate closely with our software engineering teams. You will also play a key role in driving information security initiatives and integration efforts across the group, including addressing the emerging risks introduced by rapid advancements in AI technologies.

Responsibilities

• Design, implement, and maintain secure CI/CD pipelines with automated security controls (SAST, DAST, SCA, secrets scanning, and IaC scanning) integrated into development workflows
• Establish and drive the Secure Software Development Lifecycle (SSDLC), ensuring security is embedded at every stage — from design and threat modeling through deployment and runtime
• Define and standardize security requirements analysis and threat modeling practices to identify risks during the design phase
• Develop Policy as Code solutions to enable automated compliance and governance checks
• Conduct pre-production security assessments, vulnerability assessments, and penetration testing
• Implement security best practices for Infrastructure as Code (IaC) and cloud-native environments
• Build and maintain security monitoring, log aggregation, and alerting systems to support detection and response
• Create security deployment checklists and continuously improve production environment security posture
• Assess and mitigate emerging risks introduced by AI technologies, including risks related to LLM applications, AI agents, prompt injection, data leakage through AI tools, model supply chain, and AI-assisted development workflows
• Partner with engineering teams to evaluate, adopt, and govern AI-powered development tools (e.g., AI coding assistants, AI agents) in a secure and compliant manner

About you

Minimum qualifications

• Minimum 4 years of experience in cybersecurity, DevSecOps, or software development
• Solid understanding of the Secure Software Development Lifecycle (SSDLC) and modern application security practices
• Hands-on experience in software product engineering, deployment, and system integration
• Practical experience leveraging AI automation or AI agents in day-to-day work (e.g., Claude Code, Cursor, GitHub Copilot, Claude/ChatGPT, or custom AI agent workflows for security operations, code review, or automation)
• Ability to evaluate product performance metrics, diagnose issues, and drive resolution
• Ability to stay current with advancements in technical product development and the evolving AI/security landscape
• Strong communication and interpersonal skills, with the ability to collaborate effectively across engineering and business teams

Preferred qualifications

• BS/MS in Computer Science or a related field
• Relevant security certifications (CISSP, CCSP, SSCP, CSSLP, CC, CISM, CEH, etc.)
• Experience with compliance frameworks such as ISO 27001 or SOC 2
• Blue team experience, including SOC operations or threat hunting
• Experience participating in red-blue team exercises or CTF competitions
• Experience designing and implementing SSDLC processes from the ground up
• Familiarity with AI security frameworks (e.g., OWASP Top 10 for LLM Applications, MITRE ATLAS, NIST AI RMF) and securing AI/ML pipelines