Security Engineer (AP)

We are seeking a skilled Senior Security Engineer to strengthen our security posture across cloud infrastructure, application environments, and enterprise systems. In this role, you will drive vulnerability management, threat detection, AI security best practices and security architecture initiatives while collaborating closely with engineering and internal stakeholder to embed security throughout the organization.

Vulnerability & Risk Management
•    Perform vulnerability scanning, assessment, and remediation tracking across applications, networks, and cloud infrastructure.
•    Investigate potential security risks in third-party tools and formulate best-practice documentation and guidance to reduce organizational risk.
•    Maintains up-to-date knowledge of the latest CVEs, industry trends, and alerts from external security tools and scanners.
Cloud & Architecture Security
•    Design, review, and enforce security controls across cloud environments (Azure, GCP, AWS) and container orchestration platforms (Kubernetes/Docker).
•    Provide security architecture guidance on new initiatives, ensuring compliance with internal standards and industry frameworks (e.g., CIS, NIST, CSA CCM).
•    Partner with internal stakeholders, IT and engineering teams to embed/enforce security requirements throughout the organization.

Security Operations & Tooling
•    Implement, configure, and maintain security tools including SIEM, EDR, CSPM, and vulnerability management platforms.
•    Monitor security events and alerts; lead investigation, triage, and response for incidents, and recommend mitigations and control improvements.
•    Conduct forensic analysis following security incidents to determine root cause and scope of impact.
AI Security & Emerging Technologies
•    Assess and mitigate security risks associated with AI/ML systems, including model tampering, data poisoning, adversarial inputs, and prompt injection vulnerabilities.
•    Evaluate and establish security guardrails for AI-powered tools, APIs, and third-party integrations adopted by engineering and product teams.
•    Integrate security controls into AI model development, training pipelines, and deployment workflows.
•    Stay current with evolving AI threat landscapes (e.g., OWASP LLM Top 10, MITRE ATLAS) and translate findings into actionable security guidance.

Collaboration & Governance
•    Collaborate with stakeholders to ensure security findings are remediated within defined SLAs.
•    Develop, document, and enforce security policies, procedures, and best practices aligned with business and compliance requirements.
•    Support security awareness training initiatives and contribute to tabletop exercises and incident response planning.
•    Research emerging threats, vulnerabilities, and technologies; contribute findings to continuous security improvement programs.
•    Provide mentorship and technical guidance to associate-level security engineers.

•    5+ years of experience in security engineering, with demonstrated expertise in cloud security, threat modeling, and security engineering.
•    Hands-on experience securing cloud environments across Microsoft Azure, Google Cloud Platform, and/or Amazon Web Services. Experience with Oracle and IBM Clouds is a plus.
•    Practical experience with container and orchestration security (Kubernetes, Docker).
•    2+ years of experience using multiple generative AI technologies.
•    Experience with scripting languages and knowledgeable of development practices
•    Demonstrated ability to support vulnerability management programs and drive remediation with cross-functional teams.

Technical Skills
•    Strong command of security principles, protocols, and technologies including IAM, network security, encryption, and zero trust architecture.
•    Experience with security tooling such as SIEM platforms, EDR solutions, CSPM, EASM, and commercial vulnerability scanners.
•    Familiarity with security frameworks and standards such as: NIST CSF, CIS Benchmarks, SOC 2, ISO 27001, ISO 42001, ISO, 27701, NIS2, and EU Cyber Essentials+.
•    Working knowledge of AI/ML security risks and familiarity with frameworks such as OWASP LLM Top 10, MITRE ATLAS, or NIST AI RMF.
•    Hands-on experience evaluating or securing LLM-based applications, AI APIs, or ML pipelines is a plus.

Soft Skills
•    Highly motivated self-starter who can operate with limited supervision in a fast-paced environment.
•    Excellent written and verbal communication skills, with the ability to convey technical risk clearly to both technical and non-technical audiences.
•    Strong collaborative instincts and cross-functional partnership skills.

Certifications (Preferred)
•    CISSP, CCSP, SSCP, AWS Security Specialty, Azure Security Engineer Associate, Microsoft Security Operations Analyst, CEH, GCSA, CKS, or equivalent cloud/security certifications are a plus.
•    Certifications or training in AI security (e.g., GAISC, vendor-specific AI security courses) or demonstrated applied experience securing AI systems is a plus.

All employees are expected to demonstrate AI fluency appropriate to their role and level, including responsible use of AI tools, sound judgment, and adherence to company AI governance and security policy standards.

Come work with us! Our team members are valued for their contributions, introduced to new opportunities, and rewarded well. Perforce combines the experience and rewards of a start-up with the security of an established and privately held profitable company.