Senior Security Engineer (AI Guardrails & AppSec)
About Us
FeedMe is revolutionizing the F&B industry by building the world's first fully autonomous AI agent for restaurants. To execute this bold vision safely, our Lead Agentic AI Engineer needs a formidable partner.
We are looking for a Senior Security Engineer to own security across the entire company—from our internal operations to our core autonomous product. This isn't a traditional, reactive security role. You will be designing the security guardrails that keep our AI agents safe, obsessively hunting for application vulnerabilities, and protecting our infrastructure. Furthermore, we want a practitioner who embraces the future: you are highly encouraged to build and deploy your own AI agents to automate and enhance your daily security workflows.
Your Day-to-Day
AppSec & Vulnerability Detection
- Relentlessly hunt for and remediate application vulnerabilities (hole detection) across our platform and APIs.
- Lead threat modeling, risk assessments, and secure code reviews for our engineering teams.
- Coordinate deep-dive penetration testing and track remediation efforts.
AI Guardrails & Product Security
- Partner directly with the AI Engineering team to establish deterministic guardrails for probabilistic LLM/agentic systems.
- Defend against AI-specific attack vectors (e.g., prompt injection, data poisoning, model denial of service).
- Ensure secure data handling, privacy compliance, and isolation boundaries between our AI agents and sensitive restaurant/customer data.
Agentic Security Operations
- Design and deploy autonomous AI agents within your own security workflow to handle alert triaging, log analysis, and automated threat hunting.
- Build and maintain modern security tooling (SIEM, EDR, IAM) to monitor systems for incidents and lead incident response.
Company-Wide Security & Infrastructure
- Design and implement secure architectures across our cloud, on-prem, and edge environments.
- Collaborate with DevOps to embed security deeply into CI/CD pipelines (DevSecOps) and Infrastructure as Code (Terraform).
- Develop security policies and work with compliance teams on frameworks critical to F&B and fintech (PCI-DSS, SOC 2, ISO 27001).
What You Bring to the Table
- Experience: 5–10+ years of experience in cybersecurity, with a heavy emphasis on Application Security (AppSec) and engineering.
- AppSec Mastery: Exceptional skills in vulnerability detection, penetration testing concepts, and securing complex, modern web applications.
- AI Security Knowledge: Understanding of the OWASP Top 10 for LLMs and how to secure multi-agent systems and RAG pipelines.
- Agentic Mindset: A strong desire (and technical ability) to leverage AI/LLMs to automate your own security operations and threat detection.
- Technical Chops: Proficiency in scripting/programming (Python, Go, or Bash) and hands-on experience with AWS, GCP, or Azure security services.
- Core Cybersecurity: Deep understanding of network security, Zero Trust architecture, container security (Docker/Kubernetes), and security protocols (TLS, OAuth, SAML).
- Bonus Points: Relevant certifications (CISSP, CISM, CEH, OSCP, or cloud security certs) and experience in POS, fintech, or payment systems.
What We Have For You
- Impact: A culture where engineers are encouraged to voice product ideas and improvements.
- Growth: Internal transfer opportunities and support for your transition into Go development.
- Flexibility: Hybrid work arrangement & flexible hours.
- Culture: A young, fun, and energetic team with a casual dress code.
- Compensation: Competitive salary package and benefits.
