Principal Engineer, Security

Principal Engineer, Security

Role Mission:
To plan, design, and drive continuous innovation in zero trust architecture, AI threat detection, and next generation forensic techniques on multi cloud environment. 
You will act as a catalyst for transforming how we defend cloud workloads, Kubernetes clusters, and AI pipelines blending deep technical execution with a mandate to research, prototype, and productise novel security solutions.

Responsibilities:
•    Lead continuous innovation: identify emerging threats (cloud, container, AI), research countermeasures, build POCs, and roll out production-ready capabilities.
•    Deep hypervisor & virtualization systems engineering (KVM, Xen) with expert C/Rust programming and understanding of the full boot chain (BIOS/UEFI → kernel launch).
•    Develop security techniques: eBPF anomaly detection, automated K8s runtime defense, forensic memory analysis for serverless workloads.
•    Create internal security labs to simulate multi-cloud attack scenarios (cross-account privilege escalation, container escape, AI model extraction) and build novel detections.
•    Experiment with cutting-edge tools (eBPF, Web Assembly sidecars, confidential computing) for VM introspection, real-time prompt injection detection, etc.
•    Hands-on isolation technologies: IOMMU, VFIO, SR-IOV for high-security guest isolation.
•    Architect and enforce unified security baseline across AWS, Alicloud, and GCP (IAM, logging, encryption, network segmentation).
•    Implement CSPM/CWPP with auto-remediation, policy-as-code (Terraform/Checkov), and workload identity federation.
•    Lead Kubernetes security (CKS focus): admission controllers, OPA/Gatekeeper, Falco, supply chain security (SLSA, SBOM).
•    Deep understanding of Kubernetes core components (API server, scheduler, kubelet, CRI/CNI/CSI interfaces).
•    Lead innovations in AI security, Quantum security and KVM security. 

Qualifications

Requirement ;

•    Degree in Information Technology, Engineering or related field
•    8+ years of experience in infrastructure/cloud security, with 2+ years as a technical lead.
•    Deep hands on experience with AWS plus at least one of Azure/GCP.
•    Production Kubernetes security (RBAC, network policies, admission control, runtime defence).
•    Proficiency in Python or Go for security tooling, and Terraform for IaC.
•    Demonstrated ability to research, prototype, and implement novel security solutions (e.g., conference talks, open source contributions, internal patents).
•    Familiarity with OWASP Top 10 for LLMs, adversarial ML, and tools like Garak, Rebuff, or NeMo Guardrails.
•    Certifications: CKS, AWS Certified Security – Specialty (mandatory)., GCFA, GNFA (optional)