Agentic Security Developer

Solidigm


Job Location:

Zapopan - Mexico

Monthly Salary: Not Disclosed
Posted on: 11 hours ago
Vacancies: 1 Vacancy

Job Summary

Agentic Detection & Response Engineering

  • Define and own detection coverage strategy establish detection standards naming conventions and quality criteria for the SOC and Product Security program. 

  • Map the threat landscape to MITRE ATT&CK TTP coverage; prioritize detection development against real adversary behaviors and threat intelligence; maintain ATT&CK coverage heatmaps and track MTTD and false positive rates as operational KPIs. 

  • Build and ship agentic detection and response own the full lifecycle from threat use case through detections-as-code automated triage and production agentic response workflows. 

  • Design and govern AI agent identity and delegation architect the end-to-end lifecycle for non-human identities operating in the security environment including scoped delegation audit logging and kill-switch controls. 

  • Apply MITRE ATLAS adversarial ML techniques to threat-model all agent deployments; validate guardrails against OWASP Top 10 for LLM Applications and OWASP Top 10 for Agentic AI. 

 

Product Security & Cryptographic Infrastructure 

  • Support and enhance Solidigms Product Security & Code Signing platform the cryptographic foundation for firmware signing device identity (EJBCA/PKI) attestation (COSE/CBOR LMS PQC/ML-DSA) and unlock (CRAM/ADU) across all product lines. 

  • Build and maintain automation for signing pipelines HSM health monitoring certificate lifecycle management and access provisioning workflows integrated into CI/CD. 

  • Contribute to PQC adoption ML-DSA LMS/LMOD CNSA 2.0 and OCP 3.0 readiness by developing and shipping the automation and tooling that operationalizes these standards. 

  • Own and evolve the security data platform supporting cryptographic governance: signing telemetry KPI dashboards audit logging and anomaly detection for signing infrastructure. 

  • Architect and govern AI agent integrations within the code signing and cryptographic operations environment scoped identity delegation controls and human-oversight mechanisms for any automation touching signing or key operations. 

 

Application & Product Security Integration 

  • Embed across firmware engineering CI/CD and manufacturing teams delivering security controls pipeline integrations and attestation automation directly in their environments. 

  • Integrate security requirements (SAST SBOM generation and validation attestation signing supply-chain controls) across firmware build and release pipelines. 

  • Validate security controls through adversary emulation and purple team exercises; close coverage gaps identified through testing and operational feedback. 

  • Operate within and strengthen NIST AI RMF OWASP Top 10 for LLM Applications NIST FIPS 140-3 NSA CNSA 2.0 OCP 2.5 to 3.0 and ISO 27001/SOX ITGC governance gates. 

 

Technical Leadership & Expectations 

  • Lead security program components and define detection automation and cryptographic governance standards not just execute them. 

  • Shape the product and application security engineering roadmap through threat modeling control design and input to the Cryptographic Architecture Board and security roadmap. 

  • Serve as initial point of contact for cross-team security engineering projects; align technical outcomes with business requirements across firmware manufacturing and operations. 

  • Mentor MSP analysts junior security engineers and firmware engineers on agentic patterns detection best practices and cryptographic operational hygiene multiplying team effectiveness. 

  • Champion good engineering habits (TDD security-by-design tech debt balance agile) within and beyond the security team; uphold standards that set a benchmark for excellence. 

  • Work with Engineering Managers and the Product & App Security Lead to define priorities roadmap and resource allocation; be accountable for high quality in team output. 

 

Force-Multiply Managed Services & Operational Partners 

  • Build supervised automations that expand analyst and operator capacity under oversight replacing L1 toil with agents and lowering cost-to-serve while maintaining Solidigm governance and visibility. 

  • Develop and maintain operational runbooks training materials and knowledge documentation to build resilient team capabilities and reduce single-person knowledge concentration risk. 

  • Participate in daily weekly and monthly governance rhythms: ops standups KPI reporting quarterly CISO reviews and the Cryptographic Architecture Board. 


Qualifications :

  • Software development proficiency  Python preferred; API integration; infrastructure-as-code; CI/CD pipeline development. This is a development role. Expected experience: 46 years of relevant hands-on work. 

  • Security engineering depth detection engineering SIEM/SOAR platforms (Microsoft Sentinel and/or Splunk) and incident response workflows. Comfortable owning the detection lifecycle end-to-end. 

  • MITRE ATT&CK depth TTP mapping kill chain coverage analysis and detection-to-technique alignment; ability to build and maintain ATT&CK coverage heatmaps and report on TTP coverage gaps. 

  • MITRE ATLAS depth adversarial ML threat modeling for AI systems and agents including model evasion data poisoning prompt injection AI supply-chain compromise and agent-specific attack vectors. 

  • AI/agent development experience hands-on building with agent frameworks RAG pipelines or agentic orchestration in production environments. 

  • AI security governance knowledge NIST AI RMF; OWASP Top 10 for LLM Applications (LLM01LLM10); OWASP Top 10 for Agentic AI; AI safety control design including guardrails human oversight mechanisms and secure orchestration. 

  • Cryptographic and PKI fundamentals working knowledge of HSM operations certificate lifecycle management code signing pipelines and PKI concepts (CA hierarchies certificate policies key management). 

  • Cross-functional leadership  demonstrated ability to lead technical decisions for a functional domain influence decisions in adjacent domains and align technical outcomes with business requirements (IC7 Communication & Leadership standard). 

  • Field/embedded delivery mindset comfortable embedding with operational and engineering teams shipping in partner-controlled environments and coaching across technical levels. 

 

Preferred Qualifications

  • Hands-on experience with HSM platforms Entrust nShield Fortanix DSM or comparable; HSM cluster operations ACS card lifecycle key import/export workflows. 

  • PKI and certificate management EJBCA/KeyFactor Venafi or comparable; manufacturing device identity injection MTKI/sub-CA hierarchies certificate expiry management. 

  • Code signing pipeline experience firmware or binary signing (COSE/CBOR Authenticode or comparable); SBOM generation and signing; attestation workflows. 

  • Post-quantum cryptography (PQC) practical experience with ML-DSA LMS/LMOD or hybrid crypto schemes; familiarity with CNSA 2.0 and NIST PQC standards. 

  • Compliance framework experience NIST FIPS 140-3 NSA CNSA 2.0 OCP 2.5/3.0 ISO 27001 SOX ITGC. 

  • Microsoft security stack  Defender XDR Microsoft Sentinel ( Data Lake) Security Copilot Logic Apps; KQL; Azure. 

  • Splunk SPL log forwarding content/detection management and index administration. 

  • Agentic tooling Model Context Protocol (MCP) Security Copilot plugins LangChain or comparable security-native agent orchestration and connector frameworks. 

  • Non-human identity (NHI) & workload identity Entra Workload Identities Okta or comparable; service principal and managed-identity lifecycle management. 

  • Prior FDE solutions-engineering detection-engineering or product security engineering role in an enterprise manufacturing or hardware product environment. 


Additional Information :

Powered by SmartRecruiters - Candidate Privacy Policy


Remote Work :

No


Employment Type :

Full-time

Agentic Detection & Response EngineeringDefine and own detection coverage strategy establish detection standards naming conventions and quality criteria for the SOC and Product Security program. Map the threat landscape to MITRE ATT&CK TTP coverage; prioritize detection development against real adv...

About Company

Join a multibillion-dollar global company that brings together amazing technology, people, and operational scale to become a powerhouse in the memory industry. Headquartered in Rancho Cordova, California, Solidigm combines elements of an established, successful technology company with ... View more

View Profile View Profile