Senior Security Engineer at Kiefer is the first dedicated security role focused on the Sophea platform. This position is pivotal in establishing security as a core engineering function within an AI-native environment.
Key Responsibilities:
- Conduct security assessments and develop a prioritized remediation roadmap across infrastructure and services.
- Hardening of AWS and Kubernetes environments, including IAM, network policies, workload isolation, and secrets management.
- Securing AI-specific attack surfaces such as prompt injection, PII handling in LLM pipelines, and model interaction data leakage.
- Embedding automated security tooling into CI/CD pipelines, including SAST, DAST, dependency scanning, container image scanning, and secrets detection.
- Designing secure-by-default patterns for service communication, authentication, and data handling.
- Building incident response capabilities including detection, alerting, response workflows, and post-incident reviews.
- Collaborating with engineering teams to improve security posture without impeding velocity.
Required Qualifications:
- 6-10+ years of professional security engineering experience in production environments.
- Deep expertise in cloud security (AWS strongly preferred) and container/Kubernetes security.
- Strong application security skills across APIs, microservices, auth flows, and data pipelines.
- Experience integrating automated security tools (SAST, DAST, dependency/container scanning) into CI/CD.
- Offensive security mindset with proven ability to identify and validate vulnerabilities.
- Track record of building or maturing security programs from the ground up.
Preferred Qualifications:
- Experience in AI/LLM security: prompt injection, model security, PII in AI pipelines.
- CTF participation, bug bounty experience, or formal red team background.
- Offensive security certifications (OSCP, OSWE, CRTP).
- Incident response and digital forensics experience.
- Experience implementing SOC2 or ISO27001 compliance (beyond audit management).
Technical Stack: AWS, Kubernetes, IAM, CI/CD, SAST, DAST, dependency scanning, container image scanning, code analysis, secrets detection.
Benefits:
- Compensation: Above typical backend engineering bands for the Greek/EU market.
- Work Mode: Fully remote within the EU or hybrid from Athens.
- Ownership: First security hire—define security standards from day one.
- AI-Native Challenges: Tackle real-world security problems at the intersection of LLMs, enterprise data, and distributed systems.
- Growth: Budget for conferences, courses, and certifications; clear path to Security Lead or Head of Security.
- Culture: Engineering-first, low meetings, high autonomy, async-first communication.
