Role Description We are looking for a Security Engineer to embed robust security practices into the very fabric of our AI-powered platform. Your goal is to eliminate risk without slowing down our engineering teams by championing a "Security by Design" culture. You won't just run scans and mandate fixes; you will partner with our product and platform teams to build automated security guardrails, secure our cloud infrastructure, and protect our cutting-edge LLM workloads, ensuring our customers' most sensitive data remains safe with zero "friction." What you’ll do - Shift-Left Security: Integrate automated security scanning (SAST, DAST, SCA) directly into our CI/CD pipelines to catch vulnerabilities early in the development lifecycle. - Cloud Infrastructure Defense: Design and enforce security policies across our primary cloud environment, securing virtual networks, access controls, and cloud-native services using infrastructure-as-code (IaC) principles. - AI/ML Security Governance: Pioneer security strategies for our LLM and machine learning workloads, protecting against emerging threats like prompt injection, data poisoning, and model exfiltration. - Threat Detection & Incident Response: Build and monitor security observability tools, defining alerting thresholds and leading the response to potential security events or anomalies. - Cross-Functional Partnership: Act as an embedded security consultant to our engineering and product teams, conducting threat modeling and architecture reviews while acting as an enabler rather than a blocker. - Compliance & Trust: Drive and maintain compliance initiatives relevant to our enterprise AEC clients, ensuring we uphold the highest industry standards of data privacy. Qualifications - 4–6 years of experience in Security Engineering, Application Security, or DevSecOps, with a clear focus on cloud-native SaaS environments. - Cloud Security Mastery: Deep expertise in securing large-scale public cloud environments and a strong understanding of cloud networking, threat detection, data encryption, and identity management. - Automation Mindset: Proficient in modern scripting languages and experience automating security tasks—you approach security engineering with the same rigor as product software. - Modern AppSec: Hands-on experience with modern security tooling (e.g., automated dependency and vulnerability scanners) and a thorough understanding of common web and API vulnerabilities (OWASP Top 10). - Strategic Thinker: You can identify systemic security "blind spots" and design automated, paved-road solutions to solve them permanently rather than playing whack-a-mole with vulnerabilities. Requirements - LLM/AI Security Experience: Proven track record of securing Generative AI applications and navigating the unique, evolving threat landscape of large language models. - Compliance Leadership: Experience successfully guiding technology startups through major compliance audits and framework adoptions (e.g., SOC 2 Type II, ISO 27001). - Platform Collaboration: Experience working closely with Platform/DevOps teams to embed security seamlessly into internal developer tools and portals. Attributes - Exceptional attention to detail. - Strong analytical and problem-solving skills. - Excellent written and verbal communication. Education - Bachelor's degree in Computer Science, Cybersecurity, Engineering, or a related field (or equivalent practical experience). What to expect We conduct a rigorous interview process based on integrity, talent, and drive. We trust our teammates from day one and move quickly to evaluate whether you are fit for the role. The entire interview process typically takes two weeks. Here's what to expect: - A 30 minute Zoom meeting to talk about Kantiv, your background, and answer any questions about the role. - A 30 minute Zoom meeting with another one of our team members to hear more about your experience and how you'd approach working in the role. - A take home project to assess your functional expertise for the role you're applying for. - A 60 minute Zoom call to review your project and answer any outstanding questions.

At Symsoft Solutions, we know what we do best. And that’s developing highly engaging websites, robust applications, and comprehensive data services for state and local government agencies for end-user citizens and businesses. We select the projects we participate in with care, looking for areas where we can make a difference. This user-focused approach inspires us to deliver the kinds of products and solutions that we would want to use and leads us to client partners who want to do the same. Over the years, that’s allowed us to create a variety of solutions for fantastic clients across the government spectrum, along the way developing the deep experience that makes us a complete resource for our state and local government partners (oh, and we’ve won a few accolades for it too). This is a six-month contract position that can be performed remotely; however, candidates must have prior experience working with the State of California.

At Symsoft Solutions, we know what we do best. And that’s developing highly engaging websites, robust applications, and comprehensive data services for state and local government agencies for end-user citizens and businesses. We select the projects we participate in with care, looking for areas where we can make a difference. This user-focused approach inspires us to deliver the kinds of products and solutions that we would want to use and leads us to client partners who want to do the same. Over the years, that’s allowed us to create a  for  across the government spectrum, along the way developing the deep experience that makes us a complete resource for our state and local government partners (oh, and we’ve  for it too). This is a six-month contract position that can be performed remotely; however, candidates must have prior experience working with the State of California.

• Managers must be experienced in securing Artificial Intelligence (AI) and Machine Learning (ML) systems, including but not limited to agentic AI architectures, model security, prompt and data protections, threat modeling for emerging AI risks, and resilient AI deployments. • Managers lead diverse teams of consultants with varying skills to meet and exceed client expectations through scoped engagements. • This role will lead multiple client engagements (including AI security assessments and secure AI architecture designs) or support larger-sized client engagements. • Managers contribute to client delivery by executing the necessary technical or process-focused tasks, producing high-quality security and architectural artifacts, and presenting findings and recommendations throughout an engagement. • Managers are the primary leaders of security delivery teams responsible for assessments, designs, and operational documentation for AI systems. • Senior Consultant - Managers also support business development activities alongside a sales specialist to help qualify client needs and expectations, particularly where AI security architecture must be evaluated.