Lead Application Security Engineer

Job Description

Aera Technology is the Decision Intelligence company. We deliver innovation and services that enable enterprises to operate sustainably, intelligently, and efficiently. Our platform, Aera Decision Cloud, integrates with your existing systems to digitize, augment, and automate decisions in real time. Aera helps enterprises around the world transform decision making delivering millions of recommendations that have resulted in significant revenue gains and cost savings for some of the world's best-known brands.

The AI security engineer will be responsible for the security of the Aera Decision Intelligence platform. This is not a penetration testing position. You will be working closely with software engineers and architects to ensure that our core AI and data models are protected from threats and vulnerabilities. The candidate must have extensive experience building, deploying, and patching custom built software in a cloud environment with Kubernetes, and understand AI security risks. May consider a lead level position for the right candidate.

Responsibility

- Lead our AI security development including agentic AI, Data models, Transformer-Based Agents, LLMs, Model Attribution, Open / Closed models.
- Work with AI engineers to securely build predictive reinforcement generative modeling techniques with both DPO and PPO
- Perform security reviews and code reviews with engineers and architects in Python and Java. Must have extensive knowledge of Java or Python programming.
- Implement and recommend security controls based on Automate and build security tooling into our CI/CD build and deploy pipeline, must be able to build and deploy to cloud infrastructure such as AKS or EKS using Github, Helm charts and Terrform.
- Improve our secure development standards for all software including leading a secure development training program based on OWASP top 10 Gen AI Security.
- Prioritize all vulnerabilities from automation tools and manual tests including extensive research through code and modules to identify risks based on known CVEs.
- Lead the application security processes including managing the existing security tools in the CI/CD pipelines, reviewing proposed project architectures, initial threat modeling, triage of the identified application security defects and the suggested fixes.
- Work closely with the infrastructure and the DevOps teams to ensure consistent implementation of the security standards including the remediation of the identified gaps in the security posture

Requirements

- 4 years of software engineering experience. This must include direct code contributions to a project in a programming language like Java, .Net, Go, or similar language.
- 3 years of building and deploying secure code as a SAAS product with IAC such as Helm, Terraform or Ansible to the cloud into a microservices architecture.
- 4 years working with SCA, SAST, and DAST tools and remediation of vulnerabilities from these tools.
- 1 year min experience in AI Security, must understand LLMs and data models.
- Expert in threat modeling and developing architectural diagrams and controls based on risks.
- Expert in the OSI model and the security controls at each level.
- Expert in OWASP top 10 attacks, remediations, and controls.
- Bachelor's degree in computer science, Information Technology, or a related technical area

If you share our passion for building a sustainable, intelligent, and efficient world, you're in the right place. Established in 2017 and headquartered in Mountain View, California, we're a series D start-up, with teams in Mountain View, San Francisco (California), Bucharest and Cluj-Napoca (Romania), Paris (France), Munich (Germany), London (UK), Pune (India), and Sydney (Australia). So join us, and let's build this

Aera Technology is an equal opportunity employer. Qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender perception or identity, national origin, age, marital status, protected veteran status, or disability status.

Benefits Summary

At Aera Technology, we strive to support our Aeranauts and their loved ones through different stages of life with a variety of attractive benefits, and great perks. In addition to offering a competitive salary and company stock options, we have other great benefits available. You'll find comprehensive medical, Group Medical Insurance, Term Insurance, Accidental Insurance, paid time off, Maternity leave, and much more. We offer unlimited access to online professional courses for both professional and personal development, coupled with people manager development programs. We believe in a flexible working environment, to allow our Aeranauts to perform at their best, ensuring a healthy work-life balance. When you're working from the office, you'll also have access to a fully-stocked kitchen with a selection of snacks and beverages.