Role Description Guild is hiring a Security Engineer. The Information Security team is looking to add a highly motivated and technically inclined individual to work as a Cloud Security Engineer. We are looking for a candidate that is comfortable working in an exciting and fast-paced environment. This individual’s responsibilities will mainly focus on ensuring protection of Guild’s various cloud resources and environments. These efforts will ultimately allow Guild to fulfill its mission while also meeting business objectives and compliance requirements. - Identify security issues and risks with Guild’s systems and environments. - Develop and execute remediation/mitigation plans that provide long-term risk reduction. - Collaborate with cross-functional engineering teams to integrate and advance security standards within a comprehensive enterprise application security program. - Serve as a strategic partner to engineering squads, providing expert guidance on the integration and remediation of findings from SAST, DAST, and SCA tools. - Design and enforce robust security architectures across the company’s AWS ecosystem. - Architect and implement security controls for agentic AI systems, including identity, network, and runtime-level defenses (e.g., sandboxing, policy enforcement). - Develop comprehensive threat models and conduct realistic threat simulations across Guild's offerings, including LLMs, AI agents, and MCP components. - Develop and tune security policy within various security tools and platforms (CNAPP, EDR, Email Gateway, Vulnerability Management, SIEM, etc.). - Maintain SOC-2 compliance and assist with audit/client related requests. - Assist with incident response and investigation activities. - Fulfill regular on-call responsibilities as part of a team rotation. Qualifications - Thorough understanding of Integrated Development Environment (IDE) and Continuous integration / Continuous Delivery (CI/CD) Pipeline tools and processes. - Proven experience with software development methodologies and secure coding practices. - 5+ years of industry experience in security engineering, with meaningful focus on cloud security and application security. - Excellent problem-solving and analytical skills. - Strong communication skills, both written and verbal, for collaborating with technical and non-technical teams. - Ability to work independently, prioritize tasks, and manage multiple security projects simultaneously. Requirements - Solid understanding of LLMs, AI architecture patterns, machine learning models, and related technologies (e.g., MCP, RAG, agentic frameworks). - Experience with container security, kernel-level hardening, and modern isolation techniques. - AWS Certifications. Benefits - Access to low-cost, high-quality health care options through Collective Health and Kaiser (due to coverage limitations, Kaiser is currently only available in CA & CO). - Access to a 401k to help save for the future. - Vacation policy to rest and recharge. - 8 days of fully-paid sick leave, to take the time to heal and or recover. - Family-friendly benefits, including 12 weeks of parental leave for non-birthing parents and 18-20 weeks for birthing parents; 2-week ramp-up period for when employees return from a leave of 6 weeks or more; as well as employer-paid short-term and long-term disability, employer-sponsored life insurance, fertility and caregiving benefits. - Well-rounded wellness benefits including free and low-cost mental health resources and financial wellbeing support services. - Education benefits and tuition assistance to help your future development and growth.

• Implement and evolve security controls in cloud environments, ensuring adherence to best practices and industry standards. • Manage identity and access (IAM), including defining roles, policies, Service Control Policies (SCPs), and secure access controls. • Work with security posture tools (e.g., Config, Security Hub) for monitoring, detection, and remediation of risks. • Support hardening initiatives for cloud infrastructure and Kubernetes (RBAC, network policies, admission controllers). • Define and implement image governance (base images, vulnerability scanners, CVE policies). • Participate in audit and compliance processes, ensuring adherence to regulations and internal controls. • Collaborate on defining cloud architecture standards and guardrails with a security focus. • Work with the team on risk mitigation plans (WAR) and security incident response. • Support FinOps initiatives, balancing security and cost efficiency. • Automate security controls and processes using IaC and CI/CD pipelines.

• Perform security research on web applications, APIs, and complex application workflows. • Identify, validate, and reproduce real-world vulnerabilities in modern applications. • Analyze authentication, authorization, session management, and access control mechanisms. • Translate manual penetration testing techniques into automated detection and exploitation logic. • Develop and refine payloads, exploit strategies, and vulnerability validation methods. • Analyze HTTP traffic, browser behavior, and application flows to uncover security weaknesses. • Collaborate with engineering teams to improve the platform’s automation and offensive security capabilities. • Document findings clearly, including technical details, impact analysis, and reproduction steps.

• Perform security research on web applications, APIs, and complex application workflows. • Identify, validate, and reproduce real-world vulnerabilities in modern applications. • Analyze authentication, authorization, session management, and access control mechanisms. • Translate manual penetration testing techniques into automated detection and exploitation logic. • Develop and refine payloads, exploit strategies, and vulnerability validation methods. • Analyze HTTP traffic, browser behavior, and application flows to uncover security weaknesses. • Collaborate with engineering teams to improve the platform’s automation and offensive security capabilities. • Document findings clearly, including technical details, impact analysis, and reproduction steps.