Principal Application Security Engineer

Blackbird.AI helps organizations discover emergent threats and stay one step ahead of real-world harm through our AI-powered Narrative and Risk Intelligence Platform. Our commitment is to prioritize safety and security, providing the tools to identify potential risks and ensure a safer environment proactively. No matter the job or where it’s located, we’re all connected by a shared vision: To lead and enhance the landscape of risk intelligence. 

We are seeking a highly skilled Principal Application Security Engineer to join our team. Reporting directly to the CISO, you will play a critical role in securing our applications and infrastructure hosted on AWS and Kubernetes. Your expertise will be instrumental in helping us achieve key security certifications such as SOC 2, overseeing penetration testing, and implementing best practices to enhance our security posture.

As the Principal Application Security Engineer, you’ll have the chance to:

What you’ll do: 

• Security Strategy and Leadership
• Develop and implement a comprehensive application security strategy aligned with company objectives.
• Lead initiatives to achieve security certifications, including SOC 2, FEDRAMP, GDPR compliance.
• Collaborate with cross-functional teams to integrate security best practices into all stages of the Software Development Lifecycle (SDLC).
• Application and Infrastructure Security
• Assess and enhance the security of applications hosted in AWS and Kubernetes environments.
• Conduct regular security assessments, code reviews, and vulnerability scans.
• Implement security controls and policies to protect against threats and vulnerabilities.
• Compliance and Certification
• Prepare and lead efforts to achieve SOC 2 certification and maintain compliance.
• Coordinate with external auditors and ensure all security documentation is up-to-date.
• Monitor and enforce compliance with industry standards and regulations.
• Penetration Testing and Risk Assessment
• Plan and oversee regular penetration testing activities.
• Analyze test results and work with development teams to remediate identified vulnerabilities.
• Continuously monitor for emerging threats and adjust security strategies accordingly.
• Education and Mentorship
• Provide training and mentorship to engineering teams on secure coding practices.
• Promote a culture of security awareness throughout the company

What you’ll bring: 

• Education and Experience
• Bachelor’s or Master’s degree in Computer Science, Information Security, or a related field.
• Minimum of 10 years of experience in application security engineering.
• Proven experience in achieving security certifications such as SOC2, FEDRAMP, GDPR etc.
• Technical Skills
• Deep understanding of AWS services and security best practices.
• Strong knowledge of security principles, practices, and technologies related to AWS and Kubernetes.
• In-depth understanding of web, API, and microservices security.
• Expertise in cloud infrastructure security, especially AWS services like IAM, EC2, S3, and Lambda.
• Solid grasp of common security vulnerabilities and mitigation techniques, especially in containerized environments (Docker, Kubernetes).
• Familiarity with DevSecOps practices and CI/CD pipelines.
• Hands-on experience with security tools such as static/dynamic analysis tools (SAST/DAST), vulnerability scanners, and penetration testing frameworks.
• Proficient in security assessment tools and methodologies.
• Strong knowledge of compliance frameworks and standards (e.g., SOC 2, ISO 27001).
• Experience with penetration testing tools and techniques.
• Familiarity with programming languages such as Python, Go, or Java.
• Certifications (Preferred)
• CISSP, CISM, OSCP, or other relevant security certifications.

Preferred Qualifications

• Strong leadership and communication skills.
• Ability to work collaboratively in a fast-paced environment.
• Detail-oriented with a strong commitment to excellence.

We’ve outlined specific skills, experience, and requirements for this position, but don’t stress if you don’t meet every single one. Our Talent Team is dedicated to discovering exceptional individuals, and they might identify a relevant aspect of your background that suits this role or another opportunity within Blackbird.AI.

If you have passion for the role, please still apply.

What’s in it for you:

Blackbird.AI is embarking on an exciting growth journey with numerous opportunities for career development within the company. You will join a nurturing, inclusive, and experienced team. 

Join us as we soar to new heights!

Values:

At Blackbird.AI, our core values shape how we work and make decisions. Our values inspire us to be authentic and continue improving. 

We embrace a strong sense of responsibility to society, recognizing the vital role our services play in empowering governments, communities, and individuals to foster critical thinking and empowerment. We believe in integrating personal and professional lives with societal needs, emphasizing the importance of creating an environment that attracts top talent and provides substantial growth opportunities. We are motivated by the potential of science and technology to impact humanity positively.