Portfolio Jobs

We are seeking a multidisciplinary Senior Cloud & AI Security Engineer with strong offensive, defensive, and architecture-driven capabilities. This role combines cloud security engineering, red team methodologies, blue team defense, and secure AI enablement to protect the organization’s digital assets and accelerate secure innovation. The ideal candidate designs automated security controls, simulates real-world attacks, strengthens defenses, and ensures that AI-powered internal tools and cloud services are secure-by-design and compliant with regulations.


Key Responsibilities:

Cloud & Infrastructure Security Engineering:

• Design, implement, and maintain secure architectures for multi-cloud environments (AWS, GCP, Azure), ensuring confidentiality, integrity, and availability of information assets.
• Build, automate, and maintain security controls and guardrails using reusable internal tools and services (bots, CLI tooling, IaC modules, security pipelines, policy-as-code).
• Provide expert security guidance to engineering teams that build and operate services, enabling secure product delivery without blocking or owning their SDLC.

Offensive Security (Red Team):

• Evaluate the organization’s security posture by simulating real-world cyberattacks, leveraging offensive tactics, techniques, and procedures (TTPs).
• Identify and exploit vulnerabilities across networks, cloud workloads, identities, and applications to expose potential security gaps before adversaries do.
• Collaborate with Blue Team to translate findings into strengthened preventive and detective controls, continuous improvement, and validated resilience.

Defensive Security (Blue Team):

• Monitor, protect, and defend the organization’s infrastructure against cyber threats, ensuring rapid detection, triage, and coordinated incident response.
• Implement and tune vulnerability management, threat protection, and security monitoring controls across cloud platforms, services, endpoints, and applications.
• Ensure standards, policies, and operational processes meet industry best practices and regulatory requirements, enabling proactive risk reduction and business continuity.

AI Security & Enablement:

• Design, develop, and secure internal AI-based tools (chatbots, code assistants, semantic search engines, data-prep pipelines, agent automations) used by technical and non-technical teams.
• Implement automated AI governance and security controls to protect data, models, and prompts, ensuring safe usage aligned to ethical, regulatory, and privacy frameworks (e.g., ISO 42001, GDPR, AI Act).
• Enable “secure-by-default” AI adoption across Development, IT, and business areas through guidance, reusable components, and integration patterns.

Minimum Qualifications:

Must-Have:

• Strong experience in cloud security architecture and engineering (AWS/GCP/Azure).
• Hands-on knowledge of IaC, DevSecOps, automation, and security tooling.
• Offensive security experience (Red Team, pentesting, adversary simulation).
• Defensive security experience (Blue Team, detection, response, and hardening).
• Proven ability to collaborate across engineering, security, and IT organizations.

Nice-to-Have:

• Experience with building or securing LLM/AI agents, vector DBs, embeddings, RAG pipelines, or AI-driven automation workflows.
• Familiarity with SOC 2, ISO 27001, ISO 42001, GDPR, AI Act, NIST CSF.

Benefits:

• Well-funded and proven startup with large ambitions and competitive salaries.
• Entrepreneurial culture where pushing limits, creating and collaborating is everyday business.
• Open communication with management and company leadership.
• Small, dynamic teams = massive impact.
• 500USD a year for you to invest in learning.

Simetrik considers qualified applicants for employment without regard to race, gender, age, color, religion, national origin, marital status, disability, sexual orientation, gender identity/expression, protected military/veteran status, or any other legally protected factor.

I authorize Simetrik to be the data controller and, as such, it may collect, store and use for the purposes of my possible hiring, under the conditions described in this document. I also give my consent to Simetrik to treat my personal data information in accordance with the Personal Data Treatment Policy available at https://simetrik.com/, which was made known to me before collecting my personal data.

Join a team of incredibly talented people that build things, are free to create, and love collaborating!