Staff Security Engineer

Location: Remote (with occasional onsite required)
Experience: 8 years

About the Role

Were looking for a Staff Security Engineer to focus on security into our AI-first development lifecycle from the ground up.
Youll work alongside Staff Engineers building high-performance applications ensuring our systems meet rigorous compliance standards while enabling rapid AI-assisted development.

This role isnt about bolting security reviews onto the end of a pipeline. Youll shape how security integrates with agentic development patterns defining guardrails that let teams move fast without compromising compliance or data protection.

What Youll Do

• Architect secure systems that meet HIPAA and other regulatory requirements while supporting high-performance Go/Rust backends and TypeScript frontends

• Define security patterns for AI-assisted developmentensuring agentic workflows dont introduce vulnerabilities through prompt injection data leakage or unvalidated AI-generated code

• Build compliance into the SDLCautomate security checks audit logging and policy enforcement that work with (not against) AI-first workflows

• Threat model AI-integrated systemsidentify risks unique to long-running agent loops multi-agent orchestration and LLM-powered features

• Own security architecture decisions and influence technical direction across the team

• Establish secure development practices that the team can adopt without friction including AI-assisted security reviews

What Were Looking For

• 8 years in security engineering with experience in application security infrastructure security or security architecture

• Familiarity with modern backend stacksyou can review Go or Rust code and understand TypeScript frontend security concerns

• Experience securing AI/ML systemsor strong interest and aptitude in LLM security risks (prompt injection training data exposure model manipulation)

• Practical compliance mindsetyou know how to satisfy auditors without creating engineering bottlenecks

• Threat modeling skillsyou think in attack surfaces and can anticipate risks in novel architectures

Nice to Have

• Experience with agentic development patterns (BMAD or similar) from a security perspective

• Background in secure SDLC tooling (SAST DAST dependency scanning policy-as-code)

• Contributions to security frameworks or compliance automation

• Experience with PHI/PII data handling at scale

• Certifications: CISSP CCSP or healthcare-specific security credentials

Why This Role

Security in AI-first development is an emerging discipline. You wont be following a playbookyoull be writing it. Youll have direct influence on how we balance velocity with compliance shaping patterns that protect sensitive data while enabling teams to leverage agentic workflows effectively.

This posting is for an existing vacancy that we are actively looking to fill.
We use artificial intelligence (AI) to assist in the screening assessment and selection of applicants.

ABOUT US

iTMethods builds sovereign AI infrastructure for regulated industries. For 20 years weve earned the trust of 100 enterprise customers in financial services healthcare pharma semiconductor defence and technology. Our platform The Fortress Family (Forge Reign BioCompute) helps organizations govern AI where compliance isnt optional and evidence matters.