Mid/Senior Backend & CyberSec Engineer
We are hiring a Backend & Cybersecurity Engineer who combines strong secure software development skills with deep expertise in cloud security, DevSecOps, and compliance. In this role, you will be the security backbone of our engineering organization, ensuring that every layer of our InsurTech platform, from microservices to cloud infrastructure, meets the highest standards of security, reliability, and regulatory compliance. This will be a 1099 Contractor full-time position.

A defining aspect of this position is securing our internal platform and LLM/AI systems. As we build and deploy custom large language models, AI agents, and an LLM Composer system, you will be responsible for establishing the security architecture, governance frameworks, and threat mitigation strategies that allow us to ship AI-powered capabilities safely and responsibly. This includes prompt injection defense, model access controls, data pipeline security, AI output validation, and ensuring all AI systems comply with healthcare and insurance data regulations.
Responsibilities
Cybersecurity & DevSecOps
- Architect and enforce a comprehensive DevSecOps program across the entire SDLC, integrating security into CI/CD pipelines, code reviews, and deployment workflows.
- Implement and manage SAST, DAST, SCA, and container scanning tools (e.g., SonarQube, Trivy, Grype, Checkov) with automated gates that prevent vulnerable code from reaching production.
- Design and enforce a zero-trust security architecture across cloud infrastructure, microservices, and AI systems, including network segmentation, mutual TLS, identity-based access, and least-privilege IAM policies.
- Manage the secrets lifecycle, including rotation, injection, and auditing, using HashiCorp Vault, AWS Secrets Manager, SOPS, or equivalent tools.
- Maintain SBOM (Software Bill of Materials) generation, dependency scanning, and vulnerability management with SLA-driven patching workflows.
- Harden Kubernetes clusters: enforce network policies, Pod Security Standards (PSA/PSS), OPA Gatekeeper or Kyverno policies, RBAC, runtime security (Falco), and container image signing.
- Architect secure multi-tenant cloud environments with data isolation, encryption at rest and in transit, and per-tenant security controls.
- Lead incident response planning and execution: write runbooks, conduct tabletop exercises, manage security incident workflows, and run post-incident reviews.
- Drive compliance programs for HIPAA, SOC 2 Type II, ISO 27001, and industry-specific data governance standards, including evidence collection, audit preparation, and continuous compliance monitoring.
AI/LLM Security & Governance
- Design and implement the security architecture for the internal LLM platform and LLM Composer, including model access controls, API authentication, rate limiting, and audit logging.
- Design and enforce prompt injection defenses, input sanitization, output validation, and content filtering guardrails for all AI-powered endpoints.
- Establish data security controls for training and data pipelines, ensuring PHI/PII is properly anonymized, encrypted, and access-controlled throughout the model training and evaluation lifecycle.
- Implement AI-specific threat modeling covering adversarial attacks, data poisoning, model exfiltration, jailbreaking, and unauthorized tool/agent actions.
- Design audit trails and observability for AI system behavior: tracking prompt/response logs, model decision provenance, and flagging anomalous AI outputs.
- Collaborate with the AI team to establish responsible AI governance policies including model evaluation red-teaming, bias testing, and safety benchmarks before production deployment.
- Ensure AI systems comply with emerging AI regulations and frameworks (NIST AI RMF, EU AI Act considerations, OWASP Top 10 for LLM Applications).
Backend Security Engineering
- Conduct security architecture reviews for backend microservices, API designs, and data flows, identifying and remediating vulnerabilities before they reach production.
- Implement application-level security controls: authentication/authorization (OAuth 2.0, JWT, OIDC), API rate limiting, input validation, and secure session management.
- Design and enforce data protection strategies including field-level encryption, tokenization, data masking, and secure data retention/deletion policies for regulated data (PHI, PII, financial records).
- Contribute to backend services (TypeScript/Nest.js, Python) with a security-first mindset: writing secure code, conducting peer security reviews, and mentoring engineers on secure development practices.
- Build and maintain security monitoring, alerting, and SIEM integration for real-time threat detection across application and infrastructure layers.
- Lead or coordinate periodic penetration testing, vulnerability assessments, and security audits, both internal and with third-party firms.
Infrastructure Security
- Secure AWS cloud environments: IAM policy hardening, KMS key management, VPC architecture, security group auditing, CloudTrail logging, GuardDuty, and AWS Config rules.
- Implement infrastructure-as-code security scanning (Checkov, tfsec, Bridgecrew) in Terraform pipelines to catch misconfigurations before deployment.
- Design and maintain WAF configurations, DDoS protection, and edge security for public-facing services.
- Manage certificate lifecycle, TLS configurations, and encryption key rotation across all services and environments.
Required Skills & Qualifications
- 4–8+ years of combined experience in Security Engineering, DevSecOps, and/or Backend Development with a strong security focus.
- Deep knowledge of AWS cloud security: IAM, KMS, VPC networking, encryption, CloudTrail, GuardDuty, Security Hub, and AWS Config.
- Hands-on Kubernetes security experience: OPA Gatekeeper/Kyverno, Pod Security Standards, network policies, RBAC, runtime security, and image scanning.
- Proficiency with CI/CD security integration for GitHub Actions, GitLab CI, or Jenkins, including automated SAST/DAST/SCA scanning and policy enforcement.
- Strong understanding of security frameworks and standards: OWASP Top 10, NIST CSF, CIS Benchmarks, MITRE ATT&CK, and zero-trust architecture principles.
- Experience with secrets management tools (HashiCorp Vault, AWS Secrets Manager, SOPS) and encryption technologies.
- Solid backend development skills in TypeScript/Node.js or Python, with the ability to write secure code and conduct security-focused code reviews.
- Strong understanding of authentication/authorization protocols (OAuth 2.0, OIDC, SAML, JWT) and API security patterns.
- Experience with compliance frameworks in regulated industries (HIPAA, SOC 2, or ISO 27001), including audit preparation and evidence collection.
- Excellent communication skills with the ability to translate security risks into business terms for stakeholders and executive leadership.
Preferred Qualifications
- Experience securing AI/ML systems, including familiarity with OWASP Top 10 for LLM Applications, NIST AI RMF, or adversarial ML threat modeling.
- Hands-on experience with penetration testing, red-teaming, or bug bounty participation.
- Experience with SIEM platforms (Splunk, Sentinel) and security automation/orchestration (SOAR).
- Familiarity with data protection regulations beyond HIPAA: GDPR, CCPA, LFPDPPP, and emerging AI-specific regulations.
- Security certifications: CISSP, CEH, AWS Security Specialty, CKS (Certified Kubernetes Security Specialist), or equivalent.
- Experience building security tooling, custom security scanners, or automated compliance checking systems.
- Background in InsurTech, HealthTech, or FinTech with understanding of industry-specific threat landscapes.
Technology Stack & Tools
- Languages: TypeScript, Python, Bash, SQL, Go (nice to have)
- Backend: Nest.js, Node.js, FastAPI, Express
- Cloud Security: AWS IAM, KMS, GuardDuty, Security Hub, CloudTrail, Config, WAF
- Container Security: Trivy, Falco, OPA Gatekeeper, Kyverno, Cosign, Notary
- DevSecOps: SonarQube, Checkov, tfsec, Grype, Semgrep, OWASP ZAP
- Secrets & Identity: HashiCorp Vault, AWS Secrets Manager, SOPS, Keycloak
- AI Security: Guardrails AI, NeMo Guardrails, LangSmith, custom prompt-defense tooling
- Compliance: AWS Audit Manager, custom compliance automation
- Infrastructure: Terraform, Kubernetes (EKS), Helm, ArgoCD
- Monitoring: Prometheus, Grafana, ELK/OpenSearch, Falco, CloudWatch