Responsibilities
* Build and maintain security tooling that integrates directly into developer workflows, including code scanning and dependency analysis
* Implement identity and permission controls for humans, services and automated agents
* Develop automated checks for insecure configurations, risky behaviors and policy violations across environments and applications
* Support secure handling of documents, entities and structured data that drive automated decision processes
* Contribute to runtime protections for agent workflows including action validation, safe execution constraints and human-approval logic
* Work with product and engineering teams to assess new features for emerging security risks, especially where automation interacts with sensitive data
* Enhance detection and monitoring for suspicious patterns across activity logs, agent actions and system outputs
* Investigate alerts and support remediation, with a focus on preventing the issue from recurring through automation or improved controls
* Participate in shaping a modern Security Development Lifecycle suited to rapid iteration and agent-driven behavior
What you will work with
* Modern code scanning tools and SCA platforms for supply chain integrity
* Identity systems and permission models capable of handling multi-party and agent interactions
* CI/CD pipelines that incorporate security gates and automated validations
* Runtime policy enforcement for APIs, workflows and agent actions
* Observability tools that can capture fine-grained activity across humans, services and automated systems
* Data protection mechanisms including classification, masking and controlled access paths
* Threat modelling for automation flows, retrieval systems and cross-tenant data surfaces
* Lightweight design documentation, threat modelling and architecture standards
Requirements
* Experience in security engineering within modern application or platform environments
* Knowledge of identity management, permission models and the challenges they pose in distributed systems
* Familiarity with application security practices including secure coding, code scanning and dependency hygiene
* Ability to investigate complex behaviors that span multiple services, data layers and automation components
* Curiosity about how automation and agent workflows introduce new risk categories
* Strong scripting or coding skills to build internal tools, validate patterns and automate remediation
* Collaboration mindset to engage product, engineering and data teams in improving overall security posture