Senior Security Engineer – AI, Cloud & Application Security

Location

Type

Company

About Symosis Security

Symosis is a cybersecurity consulting firm purpose-built for the AI-native, cloud-first era. We help public-sector and enterprise clients mature their security operations through managed services, offensive testing, governance, and automation. We’re expanding our MSSP practice and looking for a hands-on leader to own SOC delivery, client engagement, and operational maturity.

The Role

deeply technical Security Engineer

Python, Azure, or API security environments

What You’ll Do

• Develop and maintain 

  detailed threat models

   for cloud and AI/ML systems, including data flows, trust boundaries, and STRIDE analysis.
• Conduct 

  architecture and design reviews

   for 3rd-party integrations and SaaS systems.
• Perform 

  API security reviews

  , penetration tests, and vulnerability assessments of web and cloud workloads.
• Review 

  machine learning and AI system architectures

   for data leakage, bias, model inversion, and telemetry retention risks.
• Evaluate 

  cloud security configurations

   (Azure, AWS, GCP) and enforce least-privilege, encryption, and compliance standards.
• Support 

  security automation

   and build tools to streamline posture management and integration validation.
• Collaborate with engineering and product teams to design secure integration patterns and risk mitigation strategies.
• Author 

  technical threat models and security documentation

   similar to structured reviews for AI/ML and SaaS applications.

What We’re Looking For

• 5–8 years of SOC or NOC experience, preferably in an MSSP environment.
• Hands-on expertise with 

  CrowdStrike Falcon

   and 

  Rapid7 InsightIDR/InsightVM

   (certifications preferred or willing to complete within 30 days).
• Proven ability to operate in 

  Tier-2 analyst or shift lead

   capacity.
• Strong understanding of NIST CSF, MITRE ATT&CK, and incident response workflows.
• Excellent written and spoken English; experience supporting 

  U.S. clients across EST/PST

  .
• Ability to work flexible hours, including rotational coverage for 24×7 operations.
• Based in India, remote, with reliable connectivity.

Required Qualification

• 4–8 years of experience in security engineering, application security, or cloud security.
• Strong grasp of threat modeling methodologies and building security in products
• Proven experience with AI/ML system or data security, including model lifecycle risk, data privacy, and inference threats.
• Proficiency in Python and ability to automate or build scripts for API testing and security validation.
• Hands-on experience with Azure Security, API authentication (OAuth, JWT), and network isolation patterns.
• Red Team and penetration test assessments
• Familiarity with frameworks like OWASP ASVS, NIST 800-53, and ISO 27001/27701/42001.
• Strong analytical writing skills to create professional security reports and threat models.

Preferred Qualification

• Prior experience performing or leading AI/ML threat models or cloud application security reviews.
• Certifications such as CISSP, CCSP, OSCP, or Azure Security Engineer Associate.
• Exposure to Responsible AI, data governance, or ML explainability practices.
• Experience integrating with SaaS or third-party APIs securely in production.
• Knowledge of Databricks, Adaptive Shield, or Azure Data Factory is a plus.

Why Join Symosis?

• Help shape the India SOC operations for a growing U.S. MSSP.
• Work with cutting-edge SIEM, EDR, and automation tools.
• Collaborate directly with the U.S. SOC Manager and leadership team.
• Flat, collaborative culture with high visibility and growth opportunities.
• Be part of a technically deep, AI-driven security team.