Skip to main content
Posted 12 June, 2026

Senior Application Security Engineer

Cai
Remote Nationwide, IN Full Time
Reference: 1d7ef1f9934eea54

Job Description

Senior Application Security Engineer

Req number:

R7815

Employment type:

Full time

Worksite flexibility:

Remote Who we are

CAI is a global services firm with over 9,000 associates worldwide and a yearly revenue of $1.3 billion+. We have over 40 years of excellence in uniting talent and technology to power the possible for our clients, colleagues, and communities. As a privately held company, we have the freedom and focus to do what is right—whatever it takes. Our tailor-made solutions create lasting results across the public and commercial sectors, and we are trailblazers in bringing neurodiversity to the enterprise.

Job Summary

We are looking for a motivated Senior Application Security Engineer ready to take us to the next level! If you have security architecture reviews, and code security assessments across microservices and cloud-native applications and are looking for your next career move, apply now.

Job Description

We are looking for a Senior Application Security Engineer to security architecture reviews, and code security assessments across microservices and cloud-native applications . This position will be full time and Remote / Hybrid( Bangalore)

What You’ll Do

  • Application Security Engineer with 5 to 8 years of experience.

  • Lead threat modeling, security architecture reviews, and code security assessments across microservices and cloud-native applications

  • Perform SAST, DAST, SCA, and manual penetration testing on applications

  • Identify , prioritize, and track remediation of vulnerabilities across the application portfolio

  • Define and enforce secure coding standards and security best practices

  • AI / LLM Security (AI Transformation Center Focus)

  • Threat model AI systems — identify and mitigate risks unique to LLM-powered applications: prompt injection, jailbreaking, model inversion, data poisoning, and training data leakage

  • Conduct adversarial testing ( red-teaming ) of LLM and generative AI applications before production release

  • Define and implement guardrails and content safety controls for LLM inputs/outputs (e.g., PII detection, toxicity filtering , output validation .

  • Evaluate and secure AI supply chain — third-party model APIs (OpenAI, Anthropic, Azure OpenAI), open-source model weights (Hugging Face), and fine-tuned models

  • Establish policies around RAG (Retrieval-Augmented Generation) security — securing vector databases, embedding pipelines, and document ingestion workflows

  • Implement controls against indirect prompt injection in agentic AI systems and multi-step LLM pipelines

  • Assess AI agent security — tool call authorization, agent sandboxing, privilege boundaries, and action scope controls

  • Ensure compliance with AI governance frameworks: ISO/IEC 42001, and internal AI usage policies

  • Collaborate with Data Science and ML Engineering teams to secure model training pipelines, dataset storage, and model registries

  • Drive AI incident response playbooks specific to model abuse, hallucination exploitation, and data exfiltration via LLM interfaces

What You'll Need

Required:

  • DevSecOps & CI/CD Security

  • Design and maintain DevSecOps pipelines integrating security gates into GitHub Actions workflows

  • Automate SAST, container scanning, secrets detection, SCA, and AI model scanning within CI/CD pipelines

  • Implement and manage Argo CD security policies, RBAC configurations, and deployment guardrails for GitOps workflows

  • Enforce branch protection, signed commits, and secrets management in GitHub

  • Integrate ML model integrity checks and artifact signing into AI deployment pipelines

  • Container & Orchestration Security

  • Harden Docker images — least-privilege, minimal base images, multi-stage builds, and image signing

  • Secure Kubernetes clusters: RBAC, Pod Security Admission, Network Policies, OPA/Gatekeeper, and runtime security

  • Isolate and sandbox AI inference workloads in Kubernetes — GPU node security, model server hardening (Triton, TorchServe , vLLM )

  • Integrate container vulnerability scanning ( Trivy , Grype , Snyk) into pipelines

  • Security Operations & Governance

  • Define security benchmarks aligned to ISO42001, NIST, OWASP (including OWASP LLM Top 10), and internal standards

  • Collaborate with AI Engineering TEAM, Security and Risk Management Team, GRC Team, Infosec Team to shift security left

Physical Demands

  • Ability to safely and successfully perform the essential job functions

  • Sedentary work that involves sitting or remaining stationary most of the time with occasional need to move around the office to attend meetings, etc.

  • Ability to conduct repetitive tasks on a computer, utilizing a mouse, keyboard, and monitor

Reasonable accommodation statement

If you require a reasonable accommodation in completing this application, interviewing, completing any pre-employment testing, or otherwise participating in the employment selection process, please direct your inquiries to or (888) 824 – 8111.

Apply to this Job

Sign up for Job Alerts

By clicking Create Alert, you agree to the Global Terms of Use Agreement and acknowledge that you have read and understand the Global Privacy Policy.