Senior AI Engineer

We are a cybersecurity company building AI-native security platforms that span both offensive and defensive operations:

• Offensive Platform — An autonomous security platform that uses agentic AI to continuously penetration-test APIs, web applications, and cloud infrastructure. It validates vulnerabilities, chains attack paths, and generates audit-ready reports — all with human-in-the-loop safety controls.
• Defensive Platform — A role-based AI SOC platform where specialized agents (SOC Manager, Analyst, Incident Response, Threat Hunter) work as a coordinated crew to triage alerts, investigate incidents, hunt threats, and manage Detection-as-Code — at machine speed, under human oversight.

We are not building wrappers around ChatGPT. We are building autonomous, multi-step AI agent systems that reason, plan, use tools, and take real-world action in high-stakes security environments.

The Role

As an Agentic AI Engineer, you will design, build, and ship the autonomous AI agent systems at the core of our products. Depending on your background and interest, you'll work on one or both of the following:

Offensive Security Agents: You'll build the agent brain that plans multi-step attack strategies, generates auditable configuration files, orchestrates security tool execution (Nmap, Nuclei, Nessus, custom exploits), validates discovered vulnerabilities, and chains minor findings into critical attack paths — all within a human-in-the-loop approval framework.

Defensive Security Agents: You'll build the specialized SOC agents that autonomously triage and correlate alerts, enrich events with contextual data, summarize investigations, propose detection rules, execute threat hunting queries, and recommend incident response actions — while keeping analysts in control of final decisions.

What You'll Do

• Design and implement autonomous agent architectures that handle multi-step reasoning, tool use, memory, and planning in production security workflows
• Build reliable agent loops with proper error handling, retry logic, guardrails, and human-in-the-loop approval gates for high-risk actions
• Develop dynamic tool-calling pipelines where agents select, configure, and orchestrate external security tools based on contextual analysis
• Engineer prompt chains and agent reasoning strategies across multiple LLM providers (OpenAI, Google Vertex AI, Anthropic Claude) with model-agnostic abstractions
• Build and maintain the context layer that gives agents awareness of users, assets, past incidents, typical behavior, and environmental state
• Design evaluation frameworks to measure agent reliability, accuracy, and safety — especially for high-stakes actions like exploit execution or incident response recommendations
• Collaborate with security engineers to translate offensive and defensive domain expertise into agent behavior, tool profiles, and decision logic
• Optimize for latency, cost, and token efficiency in production agent workloads
• Support on-premise deployments using self-hosted open-source models (DeepSeek, Llama) for air-gapped enterprise customers

What We're Looking For

Must Have

• 4+ years of software engineering experience with strong proficiency in Python
• 1+ year of hands-on experience building LLM-powered agent systems — not chatbots, but agents that reason, plan, use tools, and take multi-step actions
• Deep working knowledge of at least one agentic framework: LangGraph, LangChain, CrewAI, AutoGen, or equivalent
• Experience with tool-calling / function-calling patterns, including dynamic tool selection and chaining
• Solid understanding of prompt engineering for complex reasoning tasks — chain-of-thought, ReAct, plan-and-execute patterns
• Experience integrating with multiple LLM providers (OpenAI, Anthropic, Google) and managing model-agnostic abstractions
• Ability to build robust, production-grade systems — not just prototypes. You think about failure modes, retries, timeouts, guardrails, and observability
• Strong fundamentals in distributed systems, async programming, and API design

Strong Plus

• Background in cybersecurity — offensive (pentesting, vulnerability assessment, red teaming) or defensive (SOC operations, SIEM, detection engineering, incident response)
• Familiarity with MITRE ATT&CK framework, Sigma rules, or detection-as-code practices
• Experience deploying and fine-tuning open-source LLMs (Llama, DeepSeek, Mistral) for on-premise or air-gapped environments
• Knowledge of graph databases (Neo4j) for modeling attack paths or entity relationships
• Experience building multi-agent systems where multiple specialized agents collaborate, delegate, and share context
• Familiarity with RAG pipelines, vector databases, and knowledge retrieval systems

Mindset

• You're excited about building AI systems that take real action in the world, not just generate text
• You have a strong security intuition — you think about what can go wrong, what an adversary would do, and where guardrails are needed
• You're comfortable with ambiguity and can translate vague domain requirements into concrete agent behaviors
• You care about reliability over cleverness — a working agent that handles edge cases beats a flashy demo

What We Offer

• Opportunity to build AI agent systems for two products simultaneously — offensive and defensive security — a rare engineering challenge
• Direct influence on product architecture and AI strategy from day one
• Work with a team that understands both security and AI deeply
• Competitive compensation