About The Role

We are seeking a Principal Security Engineer to lead AI-native security and security automation, and to orchestrate our security operations and incident response. Our frontline monitoring and triage are delivered by a managed MXDR partner, so this is not a 24x7 analyst seat. Instead, you will set detection and response strategy, own the security of our agentic AI platform, and drive automation toward automated remediation so the function scales through engineering rather than headcount. You will be the technical owner of our AI and cloud security tooling (Wiz) and the architect of a lean, high-leverage SecOps capability.

This is a hands-on, strategic role for an engineer who wants to build resilient, automated systems and define what AI security looks like for a frontier agentic platform.

What You Will Do (Key Responsibilities)

• Own AI and agentic security tooling, including Wiz AI Security Posture Management and AI Lens for visibility across AI, MCP, agents, and models, runtime guardrails, and the AI Bill of Materials (AIBOM).
• Drive MCP and agent protection from visibility to active enforcement, and integrate model and AI supply-chain scanning into CI/CD.
• Build and run the AI red-teaming program, aligned to the OWASP LLM and Agentic Top 10 and MITRE ATLAS, and partner with product and engineering to embed AI security controls into the platform lifecycle.
• Operationalize Wiz CNAPP, CSPM, and DSPM for cloud and data security posture, and drive risk-based prioritization of findings toward automated remediation.
• Build detection-as-code and Security Orchestration, Automation, and Response (SOAR) workflows; automate alert triage, enrichment, and assignment, and progressively automate remediation of well-understood risks.
• Own the risk-based vulnerability prioritization model (severity-based SLAs, triage within SLA) and feed automated ticketing and sprint assignment, moving SecOps from manual to automated.
• Own the MXDR and MSSP relationship as the primary technical lead: detection tuning, log source onboarding, service delivery, budget, and performance metrics.
• Act as incident commander for major security incidents and own the incident response lifecycle at the orchestration level, while the MXDR partner runs frontline monitoring and triage.
• Maintain incident response playbooks, run purple-team exercises with IT, Engineering, Legal, and Communications, and report MTTD, MTTR, and SecOps metrics to leadership, driving post-incident remediation to closure.

Required Qualifications

• 8 to 10+ years in a hands-on security engineering or operations role, with strong depth in security operations, incident response, and cloud security.
• Hands-on experience with cloud security posture and CNAPP tooling (Wiz strongly preferred) and with detection engineering.
• Demonstrated automation capability: SOAR, detection-as-code, scripting (Python), and a track record of building toward automated remediation.
• Experience securing AI, ML, or LLM and agentic systems, or a strong, demonstrable ability to ramp quickly (guardrails, AI red-teaming, MCP and agent security).
• Experience managing third-party security partners, particularly MSSPs or MXDR providers.
• Expert knowledge of the incident response lifecycle (e.g., NIST) and experience acting as incident commander, with SIEM and XDR depth.

Preferred Qualifications

• Demonstrated AI security specialization: OWASP LLM and Agentic Top 10, MITRE ATLAS, AIBOM, and model scanning.
• Proficiency with SOAR and automation platforms and hands-on automated-remediation experience.
• Proven experience standing up or maturing a SecOps function that scales through automation rather than headcount.
• Relevant certifications (e.g., GCIH, GCFA, CISSP, or a cloud security certification) and a degree in Computer Science, Information Security, or a related field.