Senior Security Engineer

Openly is rebuilding insurance from the ground up, aiming to enhance the customer experience through innovative solutions. The Senior Security Engineer will triage and remediate security alerts, build detection automations, and serve as a key security partner for AI initiatives.

Responsibilities:

• Investigate and respond to security events; communicate findings to risk decision makers
• Build and maintain security tools, automations, runbooks, dashboards, and detection infrastructure
• Proactively hunt for threats and stay current on cybersecurity best practices
• Perform threat modeling and security architecture reviews for AI agent platforms
• Design security controls for identity flows (OAuth/OIDC, Okta, Auth0, Entra ID) within agentic systems
• Harden LLM gateways and MCP connectors against prompt injection, tool abuse, and token leakage
• Embed security into AI builds from design through deployment

Requirements:

• BS in Computer Science, IT, or equivalent experience
• 6+ years in technical roles; 4+ years in Security Engineering/Operations; 2+ years in an adjacent field (IT, DevOps, etc.)
• Broad security knowledge: endpoint, email, network, identity, cloud, vulnerability management, IR, threat intel
• Experience with EDR, MDR, SIEM, CSPM, and email security tools
• Securing AI systems and agentic workflows, including MCP security risks (prompt injection, tool abuse, unauthorized access)
• Securing multi-agent orchestration: agent delegation, tool-use layers, session data protection, guardrail enforcement
• Deep knowledge of OAuth 2.0/OIDC, token security, and IdP administration (Okta, Auth0, Google Workspace, Entra ID)
• Hardening human-in-the-loop workflows, async AI execution, and conversation memory stores
• Experience with GCP/AWS, Python, Terraform, and Git
• Strategic thinking, clear communication, innovation, comfort with ambiguity, systems architecture, and team mentorship