Principal Application Security Engineer

BLACKBIRD.AI protects organizations from narrative attacks created by deepfakes, misinformation and disinformation that cause financial and reputational harm. Our Constellation AI-driven Narrative Intelligence Platform – identifies key narratives that impact your organization/industry, the influence behind them, the networks they touch, the anomalous bot behavior that scales them, and the cohorts and communities that connect them. This information enables organizations to proactively understand narrative threats as they scale and become harmful for better strategic decision-making. A diverse team of AI experts, threat intelligence analysts, and national security professionals founded Blackbird.AI to defend information integrity and fight a new class of narrative threats.We are seeking a highly skilled Principal Application Security Engineer to join our team. Reporting directly to the CISO, you will play a critical role in securing our applications and infrastructure hosted on AWS and Kubernetes. Your expertise will be instrumental in helping us achieve key security certifications such as SOC 2, overseeing penetration testing, and implementing best practices to enhance our security posture.As the Principal Application Security Engineer, you will:Security Strategy and LeadershipDevelop and implement a comprehensive application security strategy aligned with company objectives.Lead initiatives to achieve security certifications, including SOC 2, FEDRAMP, GDPR compliance.Collaborate with cross-functional teams to integrate security best practices into all stages of the Software Development Lifecycle (SDLC).Application and Infrastructure SecurityAssess and enhance the security of applications hosted in AWS and Kubernetes environments.Conduct regular security assessments, code reviews, and vulnerability scans.Implement security controls and policies to protect against threats and vulnerabilities.Compliance and CertificationPrepare and lead efforts to achieve SOC 2 certification and maintain compliance.Coordinate with external auditors and ensure all security documentation is up-to-date.Monitor and enforce compliance with industry standards and regulations.Penetration Testing and Risk AssessmentPlan and oversee regular penetration testing activities.Analyze test results and work with development teams to remediate identified vulnerabilities.Continuously monitor for emerging threats and adjust security strategies accordingly.Education and MentorshipProvide training and mentorship to engineering teams on secure coding practices.Promote a culture of security awareness throughout the companyEducation and ExperienceBachelor’s or Master’s degree in Computer Science, Information Security, or a related field.Minimum of 10 years of experience in application security engineering.Proven experience in achieving security certifications such as SOC2, FEDRAMP, GDPR etc.Technical SkillsDeep understanding of AWS services and security best practices.Strong knowledge of security principles, practices, and technologies related to AWS and Kubernetes.In-depth understanding of web, API, and microservices security.Expertise in cloud infrastructure security, especially AWS services like IAM, EC2, S3, and Lambda.Solid grasp of common security vulnerabilities and mitigation techniques, especially in containerized environments (Docker, Kubernetes).Familiarity with DevSecOps practices and CI/CD pipelines.Hands-on experience with security tools such as static/dynamic analysis tools (SAST/DAST), vulnerability scanners, and penetration testing frameworks.Proficient in security assessment tools and methodologies.Strong knowledge of compliance frameworks and standards (e.g., SOC 2, ISO 27001).Experience with penetration testing tools and techniques.Familiarity with programming languages such as Python, Go, or Java.Certifications (Preferred)CISSP, CISM, OSCP, or other relevant security certifications.Preferred QualificationsStrong leadership and communication skills.Ability to work collaboratively in a fast-paced environment.Detail-oriented with a strong commitment to excellence.We’ve outlined specific skills, experience, and requirements for this position, but don’t stress if you don’t meet every single one. Our Talent Team is dedicated to discovering exceptional individuals, and they might identify a relevant aspect of your background that suits this role or another opportunity within Blackbird.AI.If you have passion for the role, please still apply.What’s in it for you:Blackbird.AI is embarking on an exciting growth journey with numerous opportunities for career development within the company. You will join a nurturing, inclusive, and experienced team.Join us as we soar to new heights!Values:At Blackbird.AI, our core values shape how we work and make decisions. Our values inspire us to be authentic and continue improving.We embrace a strong sense of responsibility to society, recognizing the vital role our services play in empowering governments, communities, and individuals to foster critical thinking and empowerment. We believe in integrating personal and professional lives with societal needs, emphasizing the importance of creating an environment that attracts top talent and provides substantial growth opportunities. We are motivated by the potential of science and technology to impact humanity positively.

#J-18808-Ljbffr