Product Security Engineer - Remote

YO IT Consulting is seeking a Product Security Engineer to help define the future of AI-native security engineering. In this role, you will design autonomous security systems that integrate AI-driven controls into the software lifecycle, enabling continuous risk discovery and secure deployment.

Responsibilities:

• Architect and build AI-powered security systems that autonomously identify, triage, and remediate vulnerabilities across applications, infrastructure, and AI workloads
• Develop agentic security workflows that leverage LLMs and machine learning for code review, threat detection, vulnerability correlation, root-cause analysis, and automated fix generation
• Reimagine the Secure Software Development Lifecycle (SSDLC) by integrating intelligent security controls, AI guardrails, and continuous validation into CI/CD pipelines
• Lead threat modeling initiatives for distributed systems, AI platforms, RAG architectures, model-serving infrastructure, data pipelines, and autonomous agents
• Design security frameworks for protecting AI systems against emerging threats including prompt injection, model abuse, data poisoning, adversarial attacks, and sensitive data leakage
• Build behavioral detection models and risk engines to identify synthetic identities, document fraud, account takeover attempts, and other adversarial activity within customer onboarding and KYC workflows
• Apply machine learning and contextual risk scoring to reduce alert fatigue, prioritize security findings, and drive autonomous remediation decisions
• Partner closely with engineering, platform, and AI research teams to ensure security is embedded as a native capability rather than a downstream function
• Scale a culture of security engineering through mentorship, technical leadership, and enablement programs focused on secure AI development practices

Requirements:

• Demonstrated experience building or applying AI/LLM-powered security solutions, including agentic workflows, autonomous remediation systems, vulnerability discovery, or security copilots
• Deep expertise in Application Security, Product Security, or Security Engineering with a strong software development background
• Hands-on experience integrating enterprise security tooling (e.g., Snyk, Checkmarx, GitHub Advanced Security, Semgrep, Wiz, Lacework) into automated developer workflows and AI-driven orchestration platforms
• Strong understanding of modern security architecture, cloud-native systems, APIs, microservices, and distributed computing environments
• Deep familiarity with OWASP Top 10, OWASP Top 10 for LLM Applications, secure AI development practices, and emerging AI threat models
• Advanced programming skills in Python and at least one additional language such as Go, Java, Rust, or Node.js
• 8+ years of experience spanning Application Security, Software Engineering, Infrastructure Security, or related technical domains
• Proven track record driving large-scale automation initiatives and transforming security programs from reactive operations to autonomous, intelligence-driven systems
• Exceptional communication skills with the ability to translate complex technical and AI-related risks into strategic business decisions
• Experience securing AI products, foundation model platforms, inference infrastructure, or agentic systems in production environments
• Background in applied machine learning, security data science, fraud detection, or behavioral analytics
• Contributions to open-source security tools, AI security research, or industry thought leadership
• Experience operating within high-growth technology companies, AI labs, or research-driven engineering organizations
• Familiarity with emerging areas such as AI red teaming, model evaluation, agent security, autonomous penetration testing, or AI safety engineering