Security Architect & Offensive Specialist IRC284824

Description

We’re building a platform of cutting-edge Generative AI services that automate the boring parts of software development—from test generation to infra setup. We’re hiring a highly technical AQA who lives in code, understands cloud-native stacks (Azure, GCP, Kubernetes, Terraform), and enjoys transforming complex real-world scenarios into reliable automated checks. You’ll validate that our platform truly covers real customer workflows, highlight gaps, and drive improvements.

#LI-YZ3

Requirements

We are seeking a seasoned Security Architect & Offensive Specialist to serve as the technical anchor for our Product Security program. This is a high-visibility role for a “security-first” engineer who can navigate a whiteboard session on threat modeling just as comfortably as they can exploit a logic flaw in an API or automate a security gate in a CI/CD pipeline.

Job requirements:

Technical Experience & Expertise

• Offensive Security Mastery: Extensive experience in manual Penetration Testing focusing on Web Applications, APIs, and Cloud environments.
• Security Architecture: Proven ability to conduct deep-dive Security Architecture Reviews and enforce secure design patterns across complex systems.
• Threat Modeling: Hands-on experience leading threat modeling sessions using industry-standard frameworks such as STRIDE or PASTA.
• Vulnerability Management: Expertise in validating, triaging, and prioritizing vulnerabilities from external bug bounty programs or third-party vendors.
• AI/ML Security: Emerging expertise in securing Large Language Models (LLMs), including implementing AI Guardrails and defending against prompt injection and data leakage.

DevSecOps & Automation:

• CI/CD Integration: Demonstrated experience embedding security “gates” and automated scanners directly into DevOps pipelines.
• Application Security Tooling: Deep technical proficiency with the following categories:
• SAST: (e.g., Checkmarx, SonarQube)
• SCA: (e.g., Snyk, Black Duck)
• DAST: (e.g., Burp Suite Enterprise, OWASP ZAP)
• Automation: Ability to automate security workflows and “blocking” mechanisms for critical-severity issues to ensure high developer adoption.

Preferred Qualifications

• Relevant certifications such as OSCP (Offensive Security Certified Professional), CISSP-ISSAP, or specialized Cloud Security certifications (AWS/Azure/GCP).
• Experience securing Machine Learning (ML) pipelines.

Job responsibilities

Core Responsibilities:

1. Architecture & Threat Modeling

• Lead Threat Modeling sessions (STRIDE/PASTA) for critical features early in the design phase.
• Conduct Security Architecture Reviews to identify logical flaws and enforce secure design patterns.

2. Penetration Testing (Offensive Security):

• Perform deep-dive manual Penetration Testing (Web, API, Cloud) to validate critical vulnerabilities
• Manage external bug bounties or pen-test vendors and validate their findings.

3. DevSecOps & Tooling (SAST, DAST, SCA):

• Pipeline Integration: Embed and tune security scanners into the CI/CD pipeline to minimize noise and maximize developer adoption.
• SAST: (e.g., Checkmarx, SonarQube) for code analysis.
• SCA: (e.g., Snyk, Black Duck) for open-source dependency management.
• DAST: (e.g., Burp Suite Ent, OWASP ZAP) for runtime testing.
• Automate “blocking” gates for critical severity issues.

4. AI Security & Guardrails (Strategic Growth):

• Research and implement AI Guardrails to secure LLM usage (preventing prompt injection, PII leakage)
• Collaborate with data teams to secure the ML pipeline and define AI usage policies.

What we offer

Culture of caring. At GlobalLogic, we prioritize a culture of caring. Across every region and department, at every level, we consistently put people first. From day one, you’ll experience an inclusive culture of acceptance and belonging, where you’ll have the chance to build meaningful connections with collaborative teammates, supportive managers, and compassionate leaders. 

Learning and development. We are committed to your continuous learning and development. You’ll learn and grow daily in an environment with many opportunities to try new things, sharpen your skills, and advance your career at GlobalLogic. With our Career Navigator tool as just one example, GlobalLogic offers a rich array of programs, training curricula, and hands-on opportunities to grow personally and professionally.

Interesting & meaningful work. GlobalLogic is known for engineering impact for and with clients around the world. As part of our team, you’ll have the chance to work on projects that matter. Each is a unique opportunity to engage your curiosity and creative problem-solving skills as you help clients reimagine what’s possible and bring new solutions to market. In the process, you’ll have the privilege of working on some of the most cutting-edge and impactful solutions shaping the world today.

Balance and flexibility. We believe in the importance of balance and flexibility. With many functional career areas, roles, and work arrangements, you can explore ways of achieving the perfect balance between your work and life. Your life extends beyond the office, and we always do our best to help you integrate and balance the best of work and life, having fun along the way!

High-trust organization. We are a high-trust organization where integrity is key. By joining GlobalLogic, you’re placing your trust in a safe, reliable, and ethical global company. Integrity and trust are a cornerstone of our value proposition to our employees and clients. You will find truthfulness, candor, and integrity in everything we do.

About GlobalLogic

GlobalLogic, a Hitachi Group Company, is a trusted digital engineering partner to the world’s largest and most forward-thinking companies. Since 2000, we’ve been at the forefront of the digital revolution – helping create some of the most innovative and widely used digital products and experiences. Today we continue to collaborate with clients in transforming businesses and redefining industries through intelligent products, platforms, and services.