Senior Cloud Security Engineer

Curative AI•Bellevue, WA

6d•$120,000 - $160,000

About The Position

Curative AI is looking for a senior, hands-on Infrastructure & AI Security Engineer to design, implement, and harden security controls across our cloud and AI platforms. This role is deeply technical and highly collaborative, working directly with engineering teams to secure production AI-powered healthcare SaaS systems running across Azure, AWS, and Microsoft 365. This is not a governance or audit-focused role. Security strategy, compliance requirements, and risk frameworks (SOC 2, HIPAA, ISMS) are already established. This position exists to translate those requirements into real, enforceable technical controls and to help engineering design secure systems from the ground up. You will work on security challenges that go beyond traditional infrastructure, including LLM platforms, agentic AI workflows, inference endpoints, and AI-driven automation, protecting them against misuse, data leakage, and adversarial threats. Reporting to the Director of IT, you will operate as a technical authority for security engineering, shaping how security is implemented across Curative AI’s platform. This is an opportunity to build and own security for cutting-edge AI healthcare solutions in a fast-growing startup environment.

Requirements

6–10+ years of experience in infrastructure, cloud, or security engineering.
2+ years securing production AI/ML systems or LLM-based platforms (not limited to experimental or internal-only deployments).
Deep hands-on experience with Azure and AWS security, networking, and IAM.
Strong background in Linux, Windows Server / Active Directory, and cloud-native environments.
Experience securing Microsoft 365, including Intune and Defender (P2 or equivalent).
Strong automation skills using Python, PowerShell, Bash, and IaC tools such as Terraform or CloudFormation.
Working knowledge of SOC 2 and HIPAA control requirements, with proven ability to implement them as technical controls rather than documentation.
Ability to operate independently and make sound security design decisions in a fast-moving environment.

Nice To Haves

Experience securing multi-tenant SaaS platforms, especially in regulated industries.
Hands-on experience with Zero Trust or secure remote access solutions (e.g., FortiGate, NordLayer, Teleport).
Knowledge of SSO protocols, PKI, and certificate management.
Exposure to AI red-teaming, adversarial testing, or AI abuse prevention techniques.
Cloud or security certifications (AZ-500, AWS Security Specialty, CISSP, GIAC).
Prior experience in healthcare or regulated SaaS environments.

Responsibilities

Design, implement, and maintain secure infrastructure across Azure, AWS, and Microsoft 365, including networking, IAM, compute, storage, and containerized workloads (AKS/EKS).
Partner with engineering teams to design secure architectures for new services and platform components before they reach production.
Implement and enforce security baselines using infrastructure-as-code and automation.
Implement security controls for production LLM platforms and agentic AI workflows, covering: Input validation and output constraints, Model and inference endpoint access controls, Isolation of AI workloads, Abuse, misuse, and data leakage prevention.
Design guardrails to prevent cross-tenant exposure, unauthorized autonomous actions, and sensitive data disclosure in AI-powered systems.
Secure the AI model lifecycle, including training, fine-tuning, deployment, and inference.
Lead AI-specific threat modeling covering prompt injection, indirect prompt attacks, jailbreaks, model exfiltration, data poisoning, and supply-chain risks.
Simulate adversarial scenarios and translate findings into concrete technical mitigations.
Participate in architectural reviews to proactively reduce security risk.
Work closely with development teams to define and enforce secure coding practices and AI security guardrails throughout the SDLC.
Participate in design reviews, code reviews, and pre-production risk assessments.
Help engineering teams move fast without compromising security.
Automate security configuration, monitoring, and compliance enforcement using Terraform, Python, PowerShell, and Bash.
Deploy and manage security tooling including vulnerability scanners, EDR/XDR, SIEM, and runtime protection for cloud and AI workloads.
Improve detection and response capabilities through logging, alerting, and anomaly detection.
Develop and maintain AI-specific incident response playbooks, including scenarios such as hallucination-related failures or unauthorized agent actions.
Assist in security investigations and post-incident reviews.
Participate in tabletop exercises and continuous improvement initiatives.
Maintain clear documentation for security architectures, standards, and operational procedures.
Partner with IT and engineering leadership to strengthen overall security maturity, resilience, and BCP/DR readiness.

Benefits

Base Salary Range: $120,000 - $160,000 (commensurate with experience and qualifications)
Target Annual Performance Bonus
Equity Package: Generous equity participation in the company's future success
Comprehensive benefits package including medical, dental, vision, Life and AD&D insurance; 401K; paid time off and holidays
Opportunity to work on cutting-edge AI projects and make an impact on the company's success
Chance to make a real impact on the company’s AI strategy and innovation

Stand Out From the Crowd

Upload your resume and get instant feedback on how well it matches this job.

Upload and Match Resume