About the position
We are looking for an AI Product Security Engineer to join our team in the Czech Republic (hybrid office setup). As an AI Product Security Engineer, you will contribute to building security into Tricentis AI products end-to-end and participate in product security engagements. You will work as a member of the engineering security team to assess, develop, and advocate for AI security best practices, applying your skills to drive secure innovations within AI engineering. Additionally, the AI Product Security Engineer helps implement product security AI guidelines, researches potential vulnerabilities in our AI systems, and collaborates closely with our engineering team to incorporate security into our AI lifecycle.
What you will do
- Participate in security evaluations of Tricentis Products to assess AI product security maturity. Activities include code reviews, threat modelling, software composition analysis, and software security consulting.
- Coordinate security defect tracking and map remediation steps to mitigate vulnerabilities with stakeholders (management), product (PMs, QAs, developers) and security champions.
- Review code of your teammates and actively share your security expertise.
- Support developer education in AI security by participating in the internal security community.
- Provide input to product roadmaps from a security perspective.
- Explore and experiment with new AI security technologies, approaches, or patterns.
Who we are looking for
- 2+ years of hands-on technical experience with AI cybersecurity engineering.
- Understanding of how security programs are built and maintained within a commercial business.
- Ability to contribute to technical security assessments to ensure services follow secure design principles across our product portfolio.
- Working knowledge of a product-focused environment, preferably software security.
- Experience with threat modelling techniques (like STRIDE or similar).
- BSc in Computer Science, a related discipline, or equivalent work experience.
Benefits
- It will be great if you educate and learn continuously; certs are great, skills are even better.
- A hands-on attitude: you are not afraid to pick up a modern technology/library/pattern and get productive with it quickly if that is needed for the task at hand.
- Knowledge of security/compliance requirements for industry-standard certifications like SOC2, FIPS or FedRAMP.
- MS in Computer Science, Information Security, or a related discipline.
- Contributions to the security community: research papers, public CVEs, conference talks, open source, etc.
- Experience with software development, cloud technologies and CI/CD pipeline security.