Title:  Security Engineer

Responsibilities 

• Build and maintain security tooling that integrates directly into developer workflows, including code scanning and dependency analysis 

• Implement identity and permission controls for humans, services and automated agents 

• Develop automated checks for insecure configurations, risky behaviors and policy violations across environments and applications 

• Support secure handling of documents, entities and structured data that drive automated decision processes 

• Contribute to runtime protections for agent workflows including action validation, safe execution constraints and human-approval logic 

• Work with product and engineering teams to assess new features for emerging security risks, especially where automation interacts with sensitive data 

• Enhance detection and monitoring for suspicious patterns across activity logs, agent actions and system outputs 

• Investigate alerts and support remediation, with a focus on preventing the issue from recurring through automation or improved controls 

• Participate in shaping a modern Security Development Lifecycle suited to rapid iteration and agent-driven behavior 

What you will work with 

• Modern code scanning tools and SCA platforms for supply chain integrity 

• Identity systems and permission models capable of handling multi-party and agent interactions 

• CI/CD pipelines that incorporate security gates and automated validations 

• Runtime policy enforcement for APIs, workflows and agent actions 

• Observability tools that can capture fine-grained activity across humans, services and automated systems 

• Data protection mechanisms including classification, masking and controlled access paths 

• Threat modelling for automation flows, retrieval systems and cross-tenant data surfaces 

• Lightweight design documentation, threat modelling and architecture standards 

Requirements 

• Experience in security engineering within modern application or platform environments 

• Knowledge of identity management, permission models and the challenges they pose in distributed systems 

• Familiarity with application security practices including secure coding, code scanning and dependency hygiene 

• Ability to investigate complex behaviors that span multiple services, data layers and automation components 

• Curiosity about how automation and agent workflows introduce new risk categories 

• Strong scripting or coding skills to build internal tools, validate patterns and automate remediation 

• Collaboration mindset to engage product, engineering and data teams in improving overall security posture 

Why this role matters 

The platform processes sensitive commercial, supplier and contract data, and users depend on it for accurate decisions. As we introduce more automation and intelligent workflows, the need for strong, reliable security becomes central to trust and adoption. Both customers and internal teams expect systems that are fast, safe and predictable. This role establishes the security foundation that allows us to innovate quickly while protecting the integrity of our data and the confidence of everyone who relies on the platform.