Staff Security Engineer

About The Position

Requirements

• 6+ years of experience in hands-on technical security, with a proven track record of shipping complex, distributed software in Python or Go at a Staff level.
• Deep, production-level experience with agent frameworks (LangGraph, CrewAI, AutoGPT). You understand the architecture of stateful, multi-turn agentic loops and autonomous tool-calling.
• Authoritative knowledge of AI security risks (OWASP LLM Top 10) and experience building defensive layers like Semantic Firewalls, LLM Guardrails, and EWS (Early Warning Systems) for agents.
• Deep understanding of cloud-native architecture (AWS/K8s) specifically as it relates to providing secure, scalable execution environments for autonomous processes.
• Proven experience building or extending IAM/IGA systems to handle non-human, autonomous entities (service mesh, workload identity, agent-specific tokens).
• The ability to influence engineering leadership and drive the cultural shift from "scanning for bugs" to "building autonomous fixers."
• Experience embedding AI agents into the CI/CD pipeline to automate complex reasoning tasks, moving beyond simple static/dynamic analysis.
• A systems-thinking approach to security, with the ability to treat prompt engineering as a rigorous logic and control-flow discipline.
• Exceptional ability to translate the abstract world of agentic security into concrete, actionable roadmaps for both executives and junior engineers.

Responsibilities

• Define Agentic Identity & Governance: Solve the complex challenge of Agent Identity—designing how autonomous agents authenticate (IAM/OIDC), manage secrets, and operate within least-privilege guardrails.
• Autonomous Vulnerability Eradication: Lead the strategy for self-healing systems, building agents that don't just find bugs, but autonomously architect, test, and deploy platform-wide refactors to eliminate vulnerability classes.
• Secure the AI Infrastructure: Architect the enterprise-wide paved path for secure agent deployment, including high-assurance sandboxing, real-time prompt-injection firewalls, and RAG data-leakage prevention.
• Design the Agentic Fabric: Design and implement the multi-agent orchestration layer (using LangGraph, Semantic Kernel, or custom MAS frameworks) that coordinates autonomous security tasks across the enterprise.
• Drive the Agentic Roadmap: Design the multi-year technical strategy for shifting Procore from manual security engineering to a human-in-the-loop autonomous model.
• Lead Complex Evaluations: Spearhead the evaluation of emerging agentic security platforms and LLM-native security tools, moving them from proof-of-concept to production at scale.
• Advanced Threat Modeling: Build agents capable of performing dynamic, recursive threat modeling of microservices and complex cloud architectures.
• Strategic Mentorship: Scale agentic thinking across the entire Security and Engineering organization, setting the standard for how Procore builds and secures autonomous systems.

Benefits

• Equity Compensation
• Bonus Incentive Compensation