Senior Security Engineer

Security architecture (strategic)

Define and own the security architecture for TruckerCloud’s platform across applications, infrastructure, and data systems.
Define how services authenticate and authorize each other across our distributed platform.
Design how sensitive telematics and PII data is protected at scale across ingestion, storage, and analytics.
Shape the AWS account, network, and IAM topology so security is native to the infrastructure rather than bolted on later.

AI defense (hands-on)

Build AI-driven security tooling — alert-triage agents, code-review assistants that flag risks before they ship, and LLM-powered threat detection — turning AI from a threat vector into a defensive capability.
Automate security and compliance across the SDLC — CI/CD security gates, policy-as-code, continuous monitoring and alerting, SOC 2 evidence generation, and automated control validation — so both security and audits run as code.
Set the guardrails for internal AI use (Cursor, Claude Code) across engineering.

Production, response, and compliance

Lead threat modeling (STRIDE / LINDDUN) and incident response end-to-end.
Drive compliance readiness (SOC 2, GDPR, data protection standards) through engineering-driven solutions, not policy PDFs.

7+ years software engineering with 5+ years in hands-on security ownership — engineer first, security as a deep specialization.
Production code in Java and/orPython; comfortable critiquing Terraform or Dockerfile live.
Deep AWS security: IAM, VPC, KMS, GuardDuty, Security Hub, CloudTrail, Organizations.
CI/CD security in practice.
Incident response leadership. Has led a sev-1 security incident end-to-end.
Has built (not just used) LLM-driven automations: a bot that triages alerts, an agent that validates policies, a script that generates SOC 2 evidence.
Familiarity with SOC 2, GDPR and/or ISO 27001 via engineering-led approaches.
Excellent written and verbal English for daily collaboration with US-based teams.

Similar jobs