Lead Security Engineer
About The Position
We’re an AI-first global tech company with 25+ years of engineering leadership, 2,000+ team members, and 500+ active projects powering Fortune 500 clients, including HBO, Microsoft, Google, and Starbucks. From AI platforms to digital transformation, we partner with enterprise leaders to build what’s next. What powers it all? Our people are ambitious, collaborative, and constantly evolving. About the Client Founded in the Netherlands 180+ years ago, the company operates in over 150 countries. The customer is a global leader in information services for health, tax and accounting, risk and compliance, finance, and legal sectors. Join a team building a comprehensive AI technology stack (focused on GenAI) that accelerates AI capabilities across hundreds of customer products. The platform integrates with major AI providers and enables scalable, production-ready AI solutions for professional users. The team is divided into core development and product integration streams. Project Tech Stack Node.js (Nest.js), TypeScript, Python React, Next.js MongoDB, OpenSearch, DynamoDB LLMs (ChatGPT), LangChain AWS Lambda, Azure, Docker, GitHub Actions Playwright
Requirements
- 8+ years of experience in cloud security engineering, with a strong focus on AWS and or Azure
- Expert-level knowledge of Python and Bash scripting for security automation
- Extensive experience with CI/CD security integration and DevSecOps practices
- Deep understanding of AI/ML security challenges and mitigation strategies
- Proven track record in implementing secure SDLC and privacy by design principles
- Strong background in threat modeling, risk assessment, and security architecture
- Experience with security in containerized environments (Docker, Kubernetes)
- Strong communication skills and the ability to work effectively across teams and with various stakeholders
- Ability to pass simple livecoding interviews, programming language doesn't matter
- US Central Time overlap required (9–11 AM CDT)
Nice To Haves
- Relevant security certifications (e.g. AWS Security Specialty, Azure Security Engineer Associate)
- Experience with security in large-scale, distributed systems
- Familiarity with healthcare data security regulations (e.g., HIPAA)
- Knowledge of LLM security considerations and best practices
Responsibilities
- Design and implement robust security measures for full-stack applications, AI agents, and platform components
- Develop and maintain secure CI/CD pipelines, focusing on DevSecOps practices, including but not limited to SAST, SCA, Secret Scannig and DAST
- Conduct threat modeling and implement least privilege principles across our GenAI infrastructure
- Collaborate with cross-functional teams to integrate security best practices into the SDLC
- Lead security initiatives for flagship projects like UpToDate Expert AI, ensuring patient data privacy and guideline fidelity
- Continuously evaluate and recommend new tools, technologies, and approaches to improve the platform and maintain a cutting-edge development environment
- Support and facilitate ongoing and future audits for various compliance frameworks, including SOC 2, HIPAA, and ISO 27001, ensuring the platform meets all necessary security and regulatory requirements
- Mentor junior engineers on security best practices and drive a security-first culture
Benefits
- International projects
- In-office, hybrid, or remote flexibility
- Medical healthcare
- Recognition program
- Ongoing learning & reimbursement
- Well-being program
- Team events & local benefits
- Sports compensation
- Referral bonuses
- Top-tier equipment provision
Stand Out From the Crowd
Upload your resume and get instant feedback on how well it matches this job.
What This Job Offers
Job Type
Full-time
Career Level
Mid Level
Education Level
No Education Listed
