Founding Security Engineer

London - Hybrid

The client:

This company is building agentic systems that can write code, use tools, and work with sensitive enterprise data. Their focus is on making these systems safe enough to operate inside large organisations.

They sit at the centre of AI, security, and infrastructure. The work is practical. It’s about making advanced systems usable in real environments, not just research settings.

Their platform supports knowledge systems and autonomous agents used by enterprise teams. Security is core to the product, not an afterthought.

The team is small and technical. You’ll be working closely with engineers and researchers, shaping how security is built from day one. This is an early-stage environment. You’ll have full ownership and a direct impact on how the platform evolves.

The role:

As a Founding Security Engineer, you’ll define and build the security foundations of the platform.

• You’ll secure systems that generate code, execute actions, and interact with sensitive data. The work covers AI security, application security, and infrastructure.
• You’ll design guardrails for LLM systems. You’ll protect against risks like prompt injection and insecure outputs. You’ll also cover standard web threats and application vulnerabilities.
• You’ll embed security into the development lifecycle. This includes CI/CD, automated scanning, and secure dependency management, without slowing the team down.
• You’ll work on cloud and infrastructure security. This includes Kubernetes environments, IAM policies, and isolating execution environments.
• You’ll own vulnerability management end to end. That includes detection, remediation, pen‑testing, and bug bounty programmes.
• You’ll also help build features that give customers confidence. Audit logs, access controls, and data governance will be part of your scope.

About you (skills/experience):

• You have strong experience in security engineering, with a focus on application and cloud security.
• You understand modern web vulnerabilities like CSRF, SSRF, and XSS. You’ve used tools such as Burp Suite, Semgrep, or CodeQL.
• You can review code in Python or Go and spot issues that tools miss.
• You have an interest in AI security. You understand risks around LLMs and agent systems, including prompt injection and data leakage.
• You’ve worked with cloud platforms like AWS or GCP and have experience securing Kubernetes environments.
• You understand container security and microservices architectures.
• You think like an attacker. You’ve done red teaming, CTFs, or similar work.
• You take ownership and prefer building solutions over writing policies.
• Experience with sandboxing tools such as gVisor or Firecracker
• Experience working in a purple team environment
• Contributions to open‑source security or AI safety research
• Exposure to compliance frameworks like SOC 2 or ISO 27001

Apply now or drop me a message if you want to talk it through.

Keywords:

Founding Security Engineer, AI Security, Application Security, Cloud Security, Kubernetes, AWS, GCP, DevSecOps, AppSec, LLM Security, Prompt Injection, Red Team, OWASP, Microservices, Infrastructure Security

#J-18808-Ljbffr