Principal Engineer, Security

Principal Engineer, Security

Role Mission:
To plan, design, and drive continuous innovation in zero trust architecture, AI threat detection, and next generation forensic techniques on multi cloud environment.
You will act as a catalyst for transforming how we defend cloud workloads, Kubernetes clusters, and AI pipelines blending deep technical execution with a mandate to research, prototype, and productise novel security solutions.

Responsibilities:
Lead continuous innovation: identify emerging threats (cloud, container, AI), research countermeasures, build POCs, and roll out production-ready capabilities.
Deep hypervisor & virtualization systems engineering (KVM, Xen) with expert C/Rust programming and understanding of the full boot chain (BIOS/UEFI kernel launch).
Develop security techniques: eBPF anomaly detection, automated K8s runtime defense, forensic memory analysis for serverless workloads.
Create internal security labs to simulate multi-cloud attack scenarios (cross-account privilege escalation, container escape, AI model extraction) and build novel detections.
Experiment with cutting-edge tools (eBPF, Web Assembly sidecars, confidential computing) for VM introspection, real-time prompt injection detection, etc.
Hands-on isolation technologies: IOMMU, VFIO, SR-IOV for high-security guest isolation.
Architect and enforce unified security baseline across AWS, Alicloud, and GCP (IAM, logging, encryption, network segmentation).
Implement CSPM/CWPP with auto-remediation, policy-as-code (Terraform/Checkov), and workload identity federation.
Lead Kubernetes security (CKS focus): admission controllers, OPA/Gatekeeper, Falco, supply chain security (SLSA, SBOM).
Deep understanding of Kubernetes core components (API server, scheduler, kubelet, CRI/CNI/CSI interfaces).
Lead innovations in AI security, Quantum security and KVM security.

Qualifications

Requirement

Degree in Information Technology, Engineering or related field
8+ years of experience in infrastructure/cloud security, with 2+ years as a technical lead.
Deep hands on experience with AWS plus at least one of Azure/GCP.
Production Kubernetes security (RBAC, network policies, admission control, runtime defence).
Proficiency in Python or Go for security tooling, and Terraform for IaC.
Demonstrated ability to research, prototype, and implement novel security solutions (e.g., conference talks, open source contributions, internal patents).
Familiarity with OWASP Top 10 for LLMs, adversarial ML, and tools like Garak, Rebuff, or NeMo Guardrails.
Certifications: CKS, AWS Certified Security Specialty (mandatory)., GCFA, GNFA (optional)