Security Engineer

Requirements

• 3–4 years of hands-on experience in a security engineering, application security, or cloud security role.
• Strong working knowledge of cloud security on AWS or GCP.
• Experience with application security concepts: OWASP Top 10, common API vulnerabilities, authentication/authorisation flaws.
• Practical experience with security tooling: SAST/DAST scanners, vulnerability management platforms (Like Aikido).
• Comfortable reading and reviewing code in at least one programming language (Python, TypeScript preferred).
• Clear communicator — able to translate technical risk into business impact for non-security audiences.
• Experience securing containerised environments (Docker, Kubernetes) and CI/CD pipelines (GitHub Actions, ArgoCD).
• Familiarity with data security or privacy regulations relevant to AI/ML workloads (GDPR, CCPA, HIPAA).
• Exposure to ML/AI security concepts such as data poisoning, model inversion, or supply-chain attacks on training pipelines.
• Security certifications such as OSCP, AWS Security Specialty, CCSP, or CEH.

Responsibilities

• Conduct threat modelling, security design reviews, and code reviews for new product features and platform changes.
• Identify, triage, and track vulnerabilities across Encord's web application and APIs; work with engineering teams to drive remediation.
• Champion secure development practices (SAST, DAST, dependency scanning) and integrate them into the CI/CD pipeline.
• Help secure Encord's cloud-native infrastructure, including access policies, network segmentation, storage access controls, and container security.
• Monitor for misconfigurations and assist in hardening our Kubernetes and microservices environments.
• Support data security controls for the petabyte-scale multimodal data sets that customers entrust to our platform.
• Participate in incident response activities, including investigation, containment, and recovery efforts.
• Provide technical expertise and guidance to IT and network engineering teams to ensure security controls are effectively implemented and maintained.
• Support Encord's SOC 2 Type II, ISO 27001, and customer compliance programmes, including evidence collection and control implementation.
• Contribute to third-party vendor and supply-chain risk assessments.
• Help maintain and improve security policies, runbooks, and documentation.
• Write comprehensive reports including assessment-based findings, outcomes, and propositions for further system security enhancements.
• Stay up-to-date with the latest information security technologies and advancements.
• Train staff on network and information security procedures.

Benefits

Skills