全职 Senior Security Engineer 工作, 薪水, FeedMe Federal Territory 公司招聘中 - Ricebowl

Senior Security Engineer (AI Guardrails & AppSec)

About Us

FeedMe is revolutionizing the F&B industry by building the world’s first fully autonomous AI agent for restaurants. To execute this bold vision safely, our Lead Agentic AI Engineer needs a formidable partner.

We are looking for a Senior Security Engineer to own security across the entire company—from our internal operations to our core autonomous product. This isn't a traditional, reactive security role. You will be designing the security guardrails that keep our AI agents safe, obsessively hunting for application vulnerabilities, and protecting our infrastructure. Furthermore, we want a practitioner who embraces the future: you are highly encouraged to build and deploy your own AI agents to automate and enhance your daily security workflows.

Your Day-to-Day

AppSec & Vulnerability Detection

• Relentlessly hunt for and remediate application vulnerabilities ("hole detection") across our platform and APIs.
• Lead threat modeling, risk assessments, and secure code reviews for our engineering teams.
• Coordinate deep-dive penetration testing and track remediation efforts.

AI Guardrails & Product Security

• Partner directly with the AI Engineering team to establish deterministic guardrails for probabilistic LLM/agentic systems.
• Defend against AI-specific attack vectors (e.g., prompt injection, data poisoning, model denial of service).
• Ensure secure data handling, privacy compliance, and isolation boundaries between our AI agents and sensitive restaurant/customer data.

Agentic Security Operations

• Design and deploy autonomous AI agents within your own security workflow to handle alert triaging, log analysis, and automated threat hunting.
• Build and maintain modern security tooling (SIEM, EDR, IAM) to monitor systems for incidents and lead incident response.

Company-Wide Security & Infrastructure

• Design and implement secure architectures across our cloud, on-prem, and edge environments.
• Collaborate with DevOps to embed security deeply into CI/CD pipelines (DevSecOps) and Infrastructure as Code (Terraform).
• Develop security policies and work with compliance teams on frameworks critical to F&B and fintech (PCI-DSS, SOC 2, ISO 27001).

What You Bring to the Table

• Experience: 5–10+ years of experience in cybersecurity, with a heavy emphasis on Application Security (AppSec) and engineering.
• AppSec Mastery: Exceptional skills in vulnerability detection, penetration testing concepts, and securing complex, modern web applications.
• AI Security Knowledge: Understanding of the OWASP Top 10 for LLMs and how to secure multi-agent systems and RAG pipelines.
• Agentic Mindset: A strong desire (and technical ability) to leverage AI/LLMs to automate your own security operations and threat detection.
• Technical Chops: Proficiency in scripting/programming (Python, Go, or Bash) and hands-on experience with AWS, GCP, or Azure security services.
• Core Cybersecurity: Deep understanding of network security, Zero Trust architecture, container security (Docker/Kubernetes), and security protocols (TLS, OAuth, SAML).
• Bonus Points: Relevant certifications (CISSP, CISM, CEH, OSCP, or cloud security certs) and experience in POS, fintech, or payment systems.

What We Have For You

• Impact: A culture where engineers are encouraged to voice product ideas and improvements.
• Growth: Internal transfer opportunities and support for your transition into Go development.
• Flexibility: Hybrid work arrangement & flexible hours.
• Culture: A young, fun, and energetic team with a casual dress code.
• Compensation: Competitive salary package and benefits.