EXPERIENCE: 5–10 Years  

 Core Responsibilities: 

 • Security Microservices: Architect and build centralized security services (e.g.,  Authentication/Authorization, Secrets Management, PKI) using high-performance  languages.  

• Secure Libraries: Develop standard SDKs/Libraries that abstract complex security  logic (Encryption, Input Validation) for other engineering teams.  

• Automated Remediation: Build bots or "Self-Healing" code that automatically  detects and fixes infrastructure misconfigurations or code vulnerabilities.  

• AI Security (AISec): Build guardrails and "Firewalls" for internal LLM applications to  prevent data leakage and prompt injection.  

Must-Have Skills:  

• Backend Engineering: Expert in Golang or Python. Ability to write production-grade,  testable, and concurrent code. 

 • System Design: Strong understanding of distributed systems, microservices  architecture, and API design.  

• Application Security: Deep knowledge of OWASP standards, Cryptography  fundamentals, and Auth protocols (OAuth2/SAML/OIDC).  

• DevSecOps: Experience integrating security checks into CI/CD pipelines (Linters,  SAST/DAST wrappers).  

Preferred / Nice to Have:  

• Experience with Policy-as-Code frameworks (e.g., OPA). 

 • Knowledge of Service Mesh security patterns.  

• Experience contributing to open-source security projects.