Senior Security Engineer

at  EchoTwin AI

ABOUT US

EchoTwin AI is the leader in automated compliance monitoring for smart cities. Using advanced artificial intelligence and digital twin technologies, we collect real-time data from vehicles, robots, and drones to ensure service, regulatory, and safety compliance that fosters more sustainable and resilient communities.

WHAT THE JOB INVOLVES

Our Engineering teams work at the cutting edge of technology, leveraging AWS and GCP cloud services and developing our own Linux-based edge devices. As a dynamic startup, we understand the critical importance of cybersecurity in protecting our innovative solutions and ensuring the safety of our digital environment and customer data.
We’re looking for a passionate Security Engineer to lead our cybersecurity initiatives and safeguard our code and infrastructure against ever-evolving threats. You will manage security for our production and corporate systems, handle security alerts, implement policies, and collaborate with external customers on security needs.

QUALIFICATIONS

• Degree in Computer Science, Engineering, or related field.
• 6+ years of software engineering or equivalent experience.
• Experience with one of the core (Golang, Python) programming languages, scripting, and automation.
• Strong knowledge of encryption protocols, public/private key management, and PKI (Private Key Infrastructure).
• Strong understanding of network security, encryption practices, and secure coding principles.
• Proven experience in cloud security management (AWS, Azure, GCP).
• Familiarity with security policies and controls for internal corporate applications (Google Workspace, GitHub, Jira).
• Familiarity with security compliance standards relevant to our industry.
• Strong skills in managing security tools and vendor relationships.
• Excellent ability to develop and implement security policies and guidelines.
• Understanding og blockchain principles is a plus.
• Relevant certifications in security and cloud platforms are highly desirable.

• Develop and implement comprehensive security strategies for our cloud environments (AWS and GCP) and Linux-based systems.
• Design and implement public/private key management and PKI (Private Key Infrastructure) for our edge devices.
• Perform regular security audits, risk assessments, and penetration testing to identify vulnerabilities in our code and infrastructure. This includes conducting thorough code audits from a security perspective to ensure our applications are developed with the highest security standards.
• Design and manage security protocols for our edge devices, ensuring robust protection against external threats.
• Stay abreast of the latest cybersecurity trends and threats, applying this knowledge to fortify our defenses. This includes proactive monitoring and implementing fixes for zero-day vulnerabilities to prevent exploitation.
• Develop and enforce security policies and procedures, conducting security awareness training across the company to cultivate a security-first culture.
• Collaborate with development teams to integrate security measures into the software development lifecycle (SDLC), promoting security best practices for application development to mitigate risks from the outset.
• Respond swiftly to security incidents, leading the investigation and remediation efforts to minimize impact. This includes resolving security breaches and ensuring that similar vulnerabilities are addressed across all projects.
• We work with our partners and clients to have deep technical discussions about security posture, review and discuss the security requirements, and formulate the necessary changes for the engineering team.
• Manage and maintain CIS-compliant OS images for our Cloud infrastructure and field devices.
• Must possess demonstrable knowledge of application security, security testing methodologies, and application security testing automation.