Senior Cybersecurity Engineer
About The Position
The Altos Security team is looking for a highly collaborative Senior Engineer to join our team to help enhance and extend our human focused security program. You will be working directly with scientists, engineers, and IT staff to enable a hyper collaborative environment supporting world class research and development programs. You will build modern, scalable security capabilities that protect sensitive scientific data and AI/ML workloads, improve our readiness to handle security incidents, and strengthen threat detection, response, and data protection across cloud and on-prem environments. This opportunity will give you the chance to build an effective security program that directly impacts the trust and safety of our organization and its stakeholders. Candidates for this role should take pride in balancing risks and benefits of any security control, system or action as well as always looking for opportunities to optimize, automate, reduce and simplify systems.
Requirements
- 7 years of experience in the technology space (at least 5 with a security focus)
- Comfortable collaborating with engineers, scientists, legal/compliance and IT professionals
- Proficient in on-premises and cloud security engineering, including Infrastructure as Code solutions. Skilled in code security, secrets management, vulnerability scanning, and detection engineering.
- Experience performing application and/or infrastructure design reviews to identify areas of improvement as well as recommending appropriate security controls. Ideal candidates would also follow through to ensure their recommendations are implemented.
- Expertise in managing security incidents, conducting detailed analysis of security events, and overseeing sensitive investigations related to cyber activities
- Bachelor’s degree in Computer Science, Cybersecurity, or related field
- Ability to work without supervision, ability to handle competing priorities.
Nice To Haves
- Experience working in a compliance oriented environment (healthcare, government, fintech, ISO, SOC, PCI, etc)
- Information security certifications (CISSP, GIAC, etc)
- Experience with AI risk assessment, red teaming of AI/LLM systems, and defenses against prompt injection, data exfiltration, and excessive agency
Responsibilities
- Develop security controls that can enable scientists and researchers while protecting sensitive data (intellectual property, regulated data, experimental datasets)
- Perform threat modeling and risk assessments for applications, infrastructure, AI/ML systems, and lab/OT environments; translate findings into pragmatic controls and roadmaps
- Leverage DevOps principles and Infrastructure as Code techniques to scale security systems and controls
- Build automations and integrations (SOAR) around tools, processes, and systems to facilitate ongoing operations, reduce toil, and improve response times
- Manage Incident Response - prepare playbooks, perform triage, investigation, and remediation; coordinate cross-functional response; conduct forensic analysis; run tabletop exercises and after-action reviews; continuously improve detection and response
- Secure AI solutions from threats to data security, integrity, and misuse; implement model and prompt safety guardrails; evaluate enterprise and third-party AI tools; contribute to AI usage policies and governance
- Act as a security subject matter expert - educating, training, and mentoring others
Stand Out From the Crowd
Upload your resume and get instant feedback on how well it matches this job.
What This Job Offers
Job Type
Full-time
Career Level
Mid Level
Number of Employees
11-50 employees
