Security Engineer Boston, Massachusetts Security Engineer

Discover opportunities across our network.

We are seeking a Security Engineer to operate Product Security, AI security, and core Security Operations capabilities across our environment.

This is a hands‑on, execution‑focused role responsible for building, integrating, and running security controls that protect our products, customers, internal systems, and AI‑enabled capabilities, from secure design and development through detection, response, and continuous improvement.

The ideal candidate is technically strong, pragmatic, and collaborative, comfortable working directly with Engineering, Product, Infrastructure, and Data teams to embed security and AI governance into how systems are built and operated, rather than bolting it on through process or escalation.

• Partner with Engineering and Product teams to embed security into the SDLC and product lifecycle
• Perform threat modeling, architecture reviews, and design risk assessments for new and existing products, including AI‑enabled features
• Implement, operate, and improve application security controls, including: SAST, DAST, and SCA, Secrets management, Dependency, vulnerability, and configuration management
• Work directly with Engineering teams to prioritize and remediate findings pragmatically
• Define secure coding and design patterns that scale across teams
• Support security controls aligned to SOC 2, PCI DSS, and ISO/IEC 27001 as they relate to product security
• Support the implementation and operation of ISO/IEC 42001 from a technical and security controls perspective
• Partner with Product, Engineering, and Data teams on: AI and model threat modeling, Model lifecycle security and change management, Data sourcing, training data protection, and usage controls, Access control and monitoring for AI systems
• Implement security controls that support AI risk management, traceability, and accountability
• Support audits, internal reviews, and continuous monitoring related to AI governance and responsible AI practices
• Integrate AI security requirements into existing security operations and workflows
• Ensure operational security controls align with SOC 2, PCI DSS, ISO/IEC 27001, and ISO/IEC 42001 requirements
• Implement, integrate, and optimize security tooling across product, cloud, and AI environments
• Integrate security tools into CI/CD pipelines, ML pipelines, and cloud platforms
• Automate repetitive security tasks using scripts, APIs, SOAR platforms, and workflow tools
• Continuously improve security workflows to increase speed, signal quality, and reliability

Qualifications:

• 5+ years of experience in Security Engineering, Product Security, or Security Operations
• Strong understanding of application security principles and secure system design
• Hands‑on experience with:
  Vulnerability management, Incident response, Detection and monitoring
• Experience working directly with Engineering teams on security control implementation
• Familiarity with CI/CD pipelines and modern development environments
• Strong problem‑solving and communication skills

• A Bachelor's or Master's degree in Computer Science, Security Assurance or Relevant field
• Experience securing AI/ML systems or AI‑enabled products
• Familiarity with ISO/IEC 42001 or AI governance frameworks
• Experience securing SaaS or cloud‑native products
• Familiarity with cloud platforms (AWS, GCP, Azure)
• Experience with Infrastructure as Code (Terraform, Cloud Formation)

Devo does not discriminate on the basis of race, color, national origin, religion, gender, age, veteran status or sexual orientation, marital status or disability (in compliance with the Americans with Disabilities Act) with respect to employment opportunities.

Don’t meet every single requirement? At Devo we are dedicated to building a diverse, inclusive and authentic workplace, so if you’re excited about this role but your past experience doesn’t align perfectly with every qualification in the job description, we encourage you to apply anyways. You may be just the right candidate for this or other roles.

At Devo, diversity and inclusion means more than treating employees well and making them feel welcome. It is a commitment to hiring people who bring different insights because of their