Senior Security Engineer – AI, Cloud & Application Security

Location : Remote (India)

Type : Full-Time

Company : Symosis Security

About Symosis Security

Symosis is a cybersecurity consulting firm purpose-built for the AI-native, cloud-first era. We help public-sector and enterprise clients mature their security operations through managed services, offensive testing, governance, and automation. We’re expanding our MSSP practice and looking for a hands-on leader to own SOC delivery, client engagement, and operational maturity.

The Role

We are seeking a  deeply technical Security Engineer  with strong experience in  application, cloud, and AI / ML security  to perform threat modeling, architecture reviews, and third-party risk assessments for large-scale SaaS and AI platforms.

The ideal candidate is hands-on, can interpret complex architectures like AI / ML data flows (e.g., training, inference, telemetry, and de-identification pipelines), and is comfortable coding or automating in  Python, Azure, or API security environments .

What You’ll Do

Develop and maintain  detailed threat models  for cloud and AI / ML systems, including data flows, trust boundaries, and STRIDE analysis.

Conduct  architecture and design reviews  for 3rd-party integrations and SaaS systems.

Perform  API security reviews , penetration tests, and vulnerability assessments of web and cloud workloads.

Review  machine learning and AI system architectures  for data leakage, bias, model inversion, and telemetry retention risks.

Evaluate  cloud security configurations  (Azure, AWS, GCP) and enforce least-privilege, encryption, and compliance standards.

Support  security automation  and build tools to streamline posture management and integration validation.

Collaborate with engineering and product teams to design secure integration patterns and risk mitigation strategies.

Author  technical threat models and security documentation  similar to structured reviews for AI / ML and SaaS applications.

What We’re Looking For

5–8 years of SOC or NOC experience, preferably in an MSSP environment.

Hands-on expertise with  CrowdStrike Falcon  and  Rapid7 InsightIDR / InsightVM  (certifications preferred or willing to complete within 30 days).

Proven ability to operate in  Tier-2 analyst or shift lead  capacity.

Strong understanding of NIST CSF, MITRE ATT&CK, and incident response workflows.

Excellent written and spoken English; experience supporting  U.S. clients across EST / PST .

Ability to work flexible hours, including rotational coverage for 24×7 operations.

Based in India, remote, with reliable connectivity.

Required Qualification

4–8 years of experience in security engineering, application security, or cloud security.

Strong grasp of threat modeling methodologies and building security in products

Proven experience with AI / ML system or data security, including model lifecycle risk, data privacy, and inference threats.

Proficiency in Python and ability to automate or build scripts for API testing and security validation.

Hands-on experience with Azure Security, API authentication (OAuth, JWT), and network isolation patterns.

Red Team and penetration test assessments

Familiarity with frameworks like OWASP ASVS, NIST 800-53, and ISO 27001 / 27701 / 42001.

Strong analytical writing skills to create professional security reports and threat models.

Preferred Qualification

Prior experience performing or leading AI / ML threat models or cloud application security reviews.

Certifications such as CISSP, CCSP, OSCP, or Azure Security Engineer Associate.

Exposure to Responsible AI, data governance, or ML explainability practices.

Experience integrating with SaaS or third-party APIs securely in production.

Knowledge of Databricks, Adaptive Shield, or Azure Data Factory is a plus.

Why Join Symosis?

Help shape the India SOC operations for a growing U.S. MSSP.

Work with cutting-edge SIEM, EDR, and automation tools.

Collaborate directly with the U.S. SOC Manager and leadership team.

Flat, collaborative culture with high visibility and growth opportunities.

Be part of a technically deep, AI-driven security team.