Senior Security Engineer – AI, Cloud

Location: Remote (India)Type: Full-TimeCompany: Symosis SecurityAbout Symosis SecuritySymosis is a cybersecurity consulting firm purpose-built for the AI-native, cloud-first era. We help public-sector and enterprise clients mature their security operations through managed services, offensive testing, governance, and automation. We’re expanding our MSSP practice and looking for a hands-on leader to own SOC delivery, client engagement, and operational maturity.The RoleWe are seeking a deeply technical Security Engineer with strong experience in application, cloud, and AI/ML security to perform threat modeling, architecture reviews, and third-party risk assessments for large-scale SaaS and AI platforms.The ideal candidate is hands-on, can interpret complex architectures like AI/ML data flows (e.g., training, inference, telemetry, and de-identification pipelines), and is comfortable coding or automating in Python, Azure, or API security environments.What You’ll Do- Develop and maintain detailed threat models for cloud and AI/ML systems, including data flows, trust boundaries, and STRIDE analysis.- Conduct architecture and design reviews for 3rd-party integrations and SaaS systems.- Perform API security reviews, penetration tests, and vulnerability assessments of web and cloud workloads.- Review machine learning and AI system architectures for data leakage, bias, model inversion, and telemetry retention risks.- Evaluate cloud security configurations (Azure, AWS, GCP) and enforce least-privilege, encryption, and compliance standards.- Support security automation and build tools to streamline posture management and integration validation.- Collaborate with engineering and product teams to design secure integration patterns and risk mitigation strategies.- Author technical threat models and security documentation similar to structured reviews for AI/ML and SaaS applications.What We’re Looking For- 5–8 years of SOC or NOC experience, preferably in an MSSP environment.- Hands-on expertise with CrowdStrike Falcon and Rapid7 InsightIDR/InsightVM (certifications preferred or willing to complete within 30 days).- Proven ability to operate in Tier-2 analyst or shift lead capacity.- Strong understanding of NIST CSF, MITRE ATT&CK, and incident response workflows.- Excellent written and spoken English; experience supporting U.S. clients across EST/PST.- Ability to work flexible hours, including rotational coverage for 24×7 operations.- Based in India, remote, with reliable connectivity.Required Qualification- 4–8 years of experience in security engineering, application security, or cloud security.- Strong grasp of threat modeling methodologies and building security in products- Proven experience with AI/ML system or data security, including model lifecycle risk, data privacy, and inference threats.- Proficiency in Python and ability to automate or build scripts for API testing and security validation.- Hands-on experience with Azure Security, API authentication (OAuth, JWT), and network isolation patterns.- Red Team and penetration test assessments- Familiarity with frameworks like OWASP ASVS, NIST 800-53, and ISO 27001/27701/42001.- Strong analytical writing skills to create professional security reports and threat models.Preferred Qualification- Prior experience performing or leading AI/ML threat models or cloud application security reviews.- Certifications such as CISSP, CCSP, OSCP, or Azure Security Engineer Associate.- Exposure to Responsible AI, data governance, or ML explainability practices.- Experience integrating with SaaS or third-party APIs securely in production.- Knowledge of Databricks, Adaptive Shield, or Azure Data Factory is a plus.Why Join Symosis?- Help shape the India SOC operations for a growing U.S. MSSP.- Work with cutting-edge SIEM, EDR, and automation tools.- Collaborate directly with the U.S. SOC Manager and leadership team.- Flat, collaborative culture with high visibility and growth opportunities.- Be part of a technically deep, AI-driven security team.