Security Engineer

Our client - a fast-growing startup in the AI space is looking to hire a Security Engineer.

This role focuses on strengthening the company’s overall security posture, identifying gaps, designing practical solutions, and helping shape a more robust security function as the business grows.

Key responsibilities

• Assess the current security landscape across cloud infrastructure, applications, and engineering practices, and identify areas of weakness or improvement
• Design, implement, and improve security controls across cloud-based systems and AI-related environments
• Strengthen the overall security architecture for infrastructure, applications, and internal platforms
• Support and enhance the company’s existing security and compliance posture, including ISO 27001 and SOC 2 Type II
• Build and maintain processes, documentation, and controls to ensure ongoing audit readiness
• Serve as the main point of contact for customer-facing security discussions, including security questionnaires, due diligence requests, and assurance reviews
• Support security monitoring and help identify suspicious activity or potential threats
• Contribute to incident response preparedness and security response processes
• Participate in penetration testing, vulnerability assessment, and remediation follow-up
• Work closely with engineering and product teams to integrate security into the software development lifecycle
• Promote secure CI/CD practices and secure-by-design approaches across development workflows
• Support data protection and privacy measures, including access controls, encryption, reduction of unnecessary data exposure

Requirements

• Around 3+ years of experience in security engineering or a related cybersecurity role
• Experience working in SaaS, cloud-native, startup environments, or companies building security products / solutions is highly relevant
• Strong hands-on technical security capability, with the ability to identify gaps, recommend solutions, and help design or architect improvements
• Familiarity with security compliance, audits, or assurance frameworks such as SOC 2 and ISO 27001
• Good understanding of cloud and infrastructure security concepts
• Familiarity with areas such as identity and access management, containerized environments, infrastructure as code, and secure software delivery practices
• Able to communicate technical security concepts clearly to both technical and non-technical audiences
• Comfortable handling customer-facing security discussion with professionalism and credibility
• Awareness of security risks in AI-enabled products, including concerns such as: Data leakage, Prompt-based misuse or abuse
• Strong mindset around privacy, data protection, and responsible handling of sensitive information
• Comfortable operating in a fast-moving, high-growth environment
• Experience in offensive security, red teaming, or penetration testing would be a strong advantage