Senior Security Engineer

Qualifications and requirements

• 7+ years software engineering with 5+ years in hands-on security ownership — engineer first, security as a deep specialization.
• Production code in Java and/orPython; comfortable critiquing Terraform or Dockerfile live.
• Deep AWS security: IAM, VPC, KMS, GuardDuty, Security Hub, CloudTrail, Organizations.
• CI/CD security in practice.
• Incident response leadership. Has led a sev-1 security incident end-to-end.
• Has built (not just used) LLM-driven automations: a bot that triages alerts, an agent that validates policies, a script that generates SOC 2 evidence.
• Familiarity with SOC 2, GDPR and/or ISO 27001 via engineering-led approaches.
• Excellent written and verbal English for daily collaboration with US-based teams.

Projects

TruckerCloud is seeking a Senior Security Engineer to lead the strategic and architectural design of security across our products and platforms. This is not a policy-only role — your main focus will be the high-leverage architectural decisions that shape how our platform scales securely and stays compliant.Security is a foundational requirement, not an afterthought. The hands-on portion of this role is concentrated where it matters most right now: AI as a defense. You will fight AI with AI — building automated tools that triage alerts, validate security policies, and flag issues in code before they ship — while establishing guardrails against prompt injection, Shadow AI, and model supply chain risk across our products and internal engineering workflows. You will partner closely with Engineers, Product Manager and leadership to embed these decisions into system design, development workflows, and production operations.

Job functions

Security architecture (strategic)

• Define and own the security architecture for TruckerCloud’s platform across applications, infrastructure, and data systems.
• Define how services authenticate and authorize each other across our distributed platform.
• Design how sensitive telematics and PII data is protected at scale across ingestion, storage, and analytics.
• Shape the AWS account, network, and IAM topology so security is native to the infrastructure rather than bolted on later.

AI defense (hands-on)

• Build AI-driven security tooling — alert-triage agents, code-review assistants that flag risks before they ship, and LLM-powered threat detection — turning AI from a threat vector into a defensive capability.
• Automate security and compliance across the SDLC — CI/CD security gates, policy-as-code, continuous monitoring and alerting, SOC 2 evidence generation, and automated control validation — so both security and audits run as code.
• Set the guardrails for internal AI use (Cursor, Claude Code) across engineering.

Production, response, and compliance

• Lead threat modeling (STRIDE / LINDDUN) and incident response end-to-end.
• Drive compliance readiness (SOC 2, GDPR, data protection standards) through engineering-driven solutions, not policy PDFs.

Conditions

• Supplemental health and dental insurance
• Life insurance coverage
• 5 additional vacation days beyond the statutory 15 days (annually)
• Access to external professional support services
• Sponsorship for certifications and professional development courses
• Employee referral bonus program
• Paid day off on your birthday
• USD 400 annual stipend to enhance your home office/workspace

Desirable skills

• Design controls for prompt injection, Shadow AI, and model supply chain risk in our products and internal engineering workflows.
• Certifications as signal (not requirement): CKS, OSCP, AWS Security Specialty. Insurance, fintech, or regulated-industry experience.