Senior Security Engineer (AI & DevSecOps)

Job summary

iProov is seeking a Senior Security Engineer with expertise in AI and DevOps to accelerate the safe adoption of agentic AI within their biometric product development. This role involves architecting secure frameworks for AI tools, maturing automated security controls, and managing core security technology stacks. The ideal candidate will have a background in software engineering or DevOps and hands-on experience securing cloud infrastructure and containerized environments.

Qualifications

• Foundational background in software engineering or DevOps.
• Hands-on experience securing modern cloud infrastructure and containerized environments.
• Solid understanding of infrastructure-as-code principles and security implications.
• Proficiency in deploying and administering enterprise security platforms, including CNAPP, EDR, SIEM, and zero-trust networking tools.
• Active user of AI in professional and personal contexts, including agentic AI tools and coding assistants.
• Grounded understanding of the evolving AI threat landscape, including model supply chain risks, prompt injection, data exfiltration, agent misuse, and LLM-specific attack vectors.
• Scripting and automation capability, particularly in Python, for internal tooling and security checks.
• Experience or demonstrated interest in securing AI workloads, data pipelines, and machine learning environments.
• Communication skills to collaborate with technical stakeholders, champion security initiatives, and translate risk to engineering peers and business leadership.
• Confidence to present technical security evidence clearly in formal external audit settings.

Responsibilities

• Architect and deploy secure technical frameworks for AI controls, including AI coding assistants, autonomous agents, and LLM-integrated tooling.
• Serve as the primary technical security voice for decisions regarding external AI use and deployment.
• Continuously mature automated security controls within CI/CD pipelines and infrastructure-as-code deployments.
• Take ownership of core security technology stack, including Wiz, CrowdStrike, Google SecOps, and Tailscale.
• Drive continuous technical delivery of strategic security initiatives, identifying and closing gaps across cloud environments, internal networks, and developer workflows.
• Provide technical oversight for the security of data pipelines feeding internal AI systems and access boundaries of agentic AI systems.
• Own security coverage of the DevSecOps surface, build pipeline, internal toolchain, cloud environments, and developer infrastructure.
• Act as the primary technical security partner to the GRC-focused InfoSec Manager, translating compliance mandates into engineering controls.
• Represent the technical security function in external audits, presenting evidence of controls and articulating security posture.

Skills

Relocation