• Coordinate and prioritize security testing for applications based on LLMs, including scenarios such as prompt injection, jailbreaks, data exfiltration, tool abuse, and context manipulation. • Oversee the execution of test cases on internal and user-facing agents, ensuring alignment with team-defined playbooks. • Lead the development of test suites and tools, such as Promptfoo or equivalents, driving innovation and efficiency. • Monitor and analyze alerts and signals generated by controls like LLM Firewall, guardrails, Anonymizer, and AI Gateway, ensuring prompt and effective responses. • Validate and review functional and regression tests on AI Security services and controls, ensuring the quality and security of deliverables. • Guide analysis of logs, metrics, and events related to LLM traffic, agents, and internal platforms, identifying patterns and opportunities for improvement. • Manage the identification of false positives and false negatives, and propose improvements to rules, heuristics, and detection policies. • Review and approve security analyses for MCPs, skills, and tools used by developers or agents. • Ensure the security of ML artifacts, the supply chain, and quality gates in pipelines, promoting best practices and compliance. • Document and review technical findings, evidence, FAQs, guides, playbooks, and best practices, ensuring clarity and applicability. • Promote education and awareness initiatives, CTFs, meetups, applied research, and consolidation of technical references, strengthening the security culture within the team and across the organization.

• GuidePoint Security provides trusted cybersecurity expertise, solutions and services • Enabling organizations to identify threats, optimize resources and integrate solutions that mitigate risk • Collaborate and provide mentorship and guidance at every opportunity

Role Description We are seeking a highly experienced Senior Cyber Security Engineer to lead and support enterprise security initiatives, with a strong focus on security platform migrations and day-to-day cybersecurity operations. This role is responsible for ensuring the organization’s security posture is maintained and continuously improved while enabling secure adoption of new technologies. The ideal candidate is a hands-on security practitioner with deep experience in enterprise environments, capable of driving security initiatives, supporting operational teams, and guiding cross-functional stakeholders. Essential Job Responsibilities - Security Platform Ownership, Migration, and Transformation - Lead and support the daily management, governance, and migration of security platforms (e.g., EDR, identity, email security, cloud security tools) with minimal operational disruption. - Evaluate current security tools and recommend improvements or replacements aligned to business and risk requirements. - Coordinate with IT, infrastructure, and business teams to ensure secure management, configuration, and implementation of security platforms. - Develop and execute migration plans, including validation, testing, and cutover strategies. - Ensure proper configuration, hardening, and alignment to security standards. - Operational Cybersecurity (Day-to-Day) - Monitor and respond to security alerts and incidents in collaboration with SOC or IT teams. - Perform investigation and triage of security events, including root cause analysis and mitigation. - Manage vulnerability remediation efforts and track risk reduction progress. - Maintain and improve endpoint, identity, and network security controls. - Support incident response activities, including containment, eradication, and recovery. - Risk and Security Governance - Identify, assess, and communicate cybersecurity risks to leadership and stakeholders. - Ensure security controls align with regulatory and compliance requirements (e.g., NIST, CIS, ISO frameworks). - Contribute to the development and enforcement of security policies, standards, and procedures. - Participate in audits, assessments, and security reviews. - Collaboration & Leadership - Act as a subject matter expert for cybersecurity initiatives across the organization. - Partner with architecture, infrastructure, and application teams to embed security into projects. - Provide guidance and mentorship to junior security team members. - Support security awareness and best practice adoption across the business. Qualifications - 4–5+ years of hands-on cybersecurity experience in a fast-paced, complex enterprise environment. - Proven track record as a hands-on individual contributor (not primarily management-focused). - Experience across multiple cybersecurity domains (at least 3) such as: - Endpoint Detection & Response (EDR) - Identity & Access Management (IAM) - SIEM / SOAR - Cloud security - Email security or network security - Experience with security operations, including: - Incident response, investigation, and triage - Vulnerability management and remediation - Endpoint, identity, or network security controls - Demonstrated ability to own and manage security tools/platforms end-to-end. - Experience supporting or participating in security tool implementations, migrations, or transformations. - Working knowledge of security frameworks such as NIST, CIS, or ISO. - Strong ability to learn new technologies quickly and operate in a vendor-agnostic environment. - Excellent communication and collaboration skills, with the ability to work across technical and business teams. - Ability to thrive in a fast-moving, evolving environment with shifting priorities. Requirements - Experience with CrowdStrike or similar EDR platforms, especially in migration or large-scale deployments. - Experience with security automation or scripting (e.g., Python, PowerShell). - Hands-on experience with cloud platforms (Azure, AWS, or GCP security tooling). - Experience in rapid-growth or transformation-focused environments. - Exposure to OT/industrial or construction-related environments (nice to have). - Experience acting as a technical lead or subject matter expert, including mentoring others. - Relevant certifications (e.g., CISSP, GIAC, Security+) or demonstrated commitment to continuous learning. Benefits - Medical, dental, and vision insurance. - 401(k) retirement plan with company match. - Paid time off (PTO) and holiday pay. - Life and disability insurance. - Professional development and training opportunities. - Employee assistance program (EAP). - Benefits eligibility may vary based on employment classification and hours worked.

Role Description Security Operations and Enablement Engineering is the layer between what the security organization needs and what the core platform provides. As a SO&E Engineer, you will close that gap by taking requirements surfaced by Operations and building the workflows, automations, and tooling that make detection and response faster, more consistent, and more scalable. This is not a role that waits for tickets. You will be in the room where operational problems get diagnosed, then own the technical execution that solves them. The work is varied by design. On any given week that might mean: - Building a dashboard that gives leadership real operational visibility - Automating a manual process that is costing analysts time - Translating a fuzzy operational complaint into a scoped, buildable requirement AI and agentic workflows are part of the toolkit here, but the through line is pragmatic problem solving: find what is slowing the security organization down and build something that fixes it. Qualifications - 5+ years building workflow automations, internal tooling, or operational infrastructure in a technical environment, ideally within security or a similarly complex domain - Demonstrated ability to operate across organizational functions — translating operational pain from non-technical stakeholders into precise, scoped technical requirements without significant back-and-forth - Proficiency in Python or similar scripting languages, with the ability to write clean, maintainable code that establishes patterns others can build on - Experience building and maintaining API integrations to connect tools and systems that don't talk to each other out of the box - Familiarity with security operations tooling including SIEMs, ticketing systems, and alerting platforms, sufficient to understand how analysts work and where automation creates real leverage - Experience building dashboards and reporting tooling sufficient to create meaningful operational visibility without relying on a dedicated BI team - Comfort operating in an ambiguous, fast-moving environment where the function is still being defined — able to set technical direction without a fully established playbook Requirements - Own and evolve the SO&E technical strategy, including how the function identifies, prioritizes, and delivers against operational gaps that the core platform does not address - Serve as the primary technical translator for requirements surfaced by SOC and Support Operations Managers, turning operational pain points into scoped, buildable solutions against a prioritized backlog - Partner with the Director to translate Product and operational priorities into scoped technical requirements, ensuring SO&E delivery is sequenced against the gaps that matter most to the business - Translate operational requirements into precise technical solutions including workflow automations, API integrations, internal tooling, and custom dashboards — and establish the standards others build to as the function scales - Build and maintain reporting and dashboard infrastructure that gives operators and leadership meaningful visibility into security performance and workflow health - Identify and drive toil reduction across SOC and Support workflows through automation, tooling improvements, and smarter use of existing capabilities including AI where appropriate - Evaluate new platforms and technologies against backlog needs, with a bias toward solutions that keep the team tool-agnostic and avoid unnecessary dependency - Establish and document technical standards across the build lifecycle that support long-term scalability and create a foundation for the function to grow on Benefits - 100% remote work environment - since our founding in 2015 - Generous paid time off policy, including vacation, sick time, and paid holidays - 12 weeks of paid parental leave - Highly competitive and comprehensive medical, dental, and vision benefits plans - 401(k) with a 5% contribution regardless of employee contribution - Life and Disability insurance plans - Stock options for all full-time employees - One-time $500 reimbursement for building/upgrading home office - Annual allowance for education and professional development assistance - $75 USD/month digital reimbursement - Access to the BetterUp platform for coaching, personal, and professional growth