AI Security Engineer

About Us:

CodeForce 360 is a trusted global IT talent partner helping Fortune 500 companies, system integrators, and enterprise organizations build high-performing technology teams. With over 16 years of industry expertise, we combine speed, precision, and market intelligence to deliver exceptional talent across today's most in-demand technologies.

About the Job- We are looking for an experienced AI Security Engineer to join one of our enterprise client engagements. The ideal candidate should have strong expertise in Security Engineering, Penetration Testing, DevSecOps, Deploying, or operating AI agents or agentic workflows along with experience working in fast-paced enterprise environments.

Job Description:

• As a member of the Application Security team, you will serve as a AI security engineer responsible for designing, building, and operationalizing AI-driven platforms that augment offensive security and Agentic AI Application Security capabilities across the enterprise.
• You will develop and tune autonomous agents, configure and integrate agentic platforms (e.g. Codex Security, Claude Code Security, and other frontier-model-based tools), and manage the end-to-end implementation through production rollout.
• You will work directly with offensive security practitioners, application engineering teams, and leadership to ensure AI tooling is effectively applied to security assessments and delivers measurable value.
• This is a hands-on technical role that requires both offensive security skills and deep practical experience with AI and agentic platforms leveraging frontier models for security use cases.

Responsibilities

• Agent Development – Design, build, and tune autonomous agents for offensive security and code assessment use cases; define tool integrations, prompt strategies, and guardrails.
• Platform Configuration – Configure and integrate agentic platforms (e.g., Codex, Claude Code, etc); manage model selection, context engineering, access controls, and environment setup to align with Application Security and Penetration Testing workflows
• Implementation & Rollout – Manage the end-to-end implementation lifecycle from proof-of-concept through production rollout; coordinate teams to ensure secure, reliable deployment on schedule
• Evaluation & Tuning – Continuously measure agent accuracy, coverage, and exploitability of findings; iterate on prompts, tools, and configurations to improve quality and reduce false positives
• Collaboration – Partner with offensive security practitioners, application security, DevOps, and engineering teams to translate manual tradecraft into repeatable, agent-driven workflows and provide technical guidance on AI integrations
• Process Improvement – Identify opportunities where AI augmentation can reduce manual effort or expand assessment coverage; recommend platform, tooling, or workflow improvements to mature the offensive AI program

Required Qualifications

• 3+ years in Security Engineering, Penetration Testing, or DevSecOps with deep understanding of OWASP top 10, data flow analysis, and secure code architecture
• 1+ years of practical experience building, deploying, or operating AI agents or agentic workflows in a production or enterprise setting
• Demonstrated experience with frontier-model-based agentic platforms (e.g., Claude Code, Codex, and Cursor) including prompt engineering, tool/function calling, and context management
• Strong written and verbal communication skills; able to translate AI capabilities and limitations for technical and executive audiences
• Ability to evaluate agent performance quantitatively (accuracy, coverage, false positive rates) and iterate on prompts, tools, and configurations

Preferred Qualifications

• Relevant certifications a plus (OSCP, GPEN, GWAPT, CEH, or equivalent)
• Proficiency in Python (and/or Bash) for developing custom agents, tool integrations, and automation around LLM APIs
• Strong understanding of common vulnerability classes (OWASP Top 10) and how offensive tradecraft can be encoded into agent workflows
• Experience integrating AI tooling with security platforms, CI/CD pipelines, or vulnerability management systems
• Familiarity with AI/LLM security concerns — prompt injection, data exfiltration, model misuse, sandboxing, and guardrail design

Tools & Environment (Preferred Familiarity)

• Frontier Model APIs and Platforms – Anthropic Claude, OpenAI GPT, Google Gemini, open-weights models (Llama, Qwen) via local or hosted inference
• Model Context & Integration – Model Context Protocol (MCP), function/tool calling, and retrieval-augmented generation (RAG)
• Offensive Security Tooling – Burp Suite, Caido, Nuclei, Semgrep, ffuf, nmap
• Programming & Automation – Python, Bash, Burp extensions
• Cloud platforms (AWS, Azure, Google Cloud Platform) security configurations
• Git-based workflows and code review
• Vulnerability & Workflow Platforms – Jira, ServiceNow, DefectDojo, or similar