Senior Security Engineer

Senior Dev Sec Ops  Engineer will lead the integration of security best practices into our software development and deployment pipelines. This role is responsible for building, maintaining, and optimizing secure, automated, and scalable CI/CD environments across multiple cloud and on-premises infrastructures. The ideal candidate has a strong background in Dev Sec Ops , cloud architecture, and cybersecurity — with a passion for enabling secure, efficient software delivery.

• Secure CI/CD pipelines with build attestations, provenance (SLSA concepts), code signing, SBOM generation, dependency and secret scanning, and container image hardening.
• Infrastructure-as-code security (Terraform/Helm) with policy-as-code guardrails (OPA/Kyverno/Checkov) and drift detection, primarily on AWS.
• Cloud security controls in AWS: IAM least privilege, network segmentation and private endpoints, key/secret management, centralized logging/telemetry, and runtime protections for EKS.
• Kubernetes runtime security: admission controls and policy engines (Kyverno/OPA Gatekeeper), Pod Security Standards, CIS benchmarks, RBAC and Network Policies, and EDR/agent integrations.
• Software supply chain safeguards: artifact signing with Sigstore/Cosign, registry governance, vulnerability management and exceptions, and automated remediation.
• Security embedded in ML/AI and data workflows: secure data movement/storage, encryption and access patterns, lineage, isolation for training/inference, and scanning of ML artifacts/model registries.
• Threat modeling with platform, ML, and lab engineering for AISF components (APIs, orchestration, lab devices/edge gateways) and implementation of mitigations.
• Detection-as-code and response playbooks for cloud and Kubernetes integration with SIEM/SOAR; tuning detections to AISF context.
• Self‑service guardrails and “golden paths” (templates, modules, policies) that enable speed with secure defaults and compliance as an outcome.
• Support for audits and evidence collection for SOC 2/ISO 27001, translating controls into engineering artifacts.

• 5–8+ years in Security Engineering/Dev Sec Ops  with deep experience across CI/CD (Git Hub Actions/Git Lab CI/Jenkins), cloud, containers, and IaC (Terraform, Helm/Kustomize); demonstrated ownership of secure‑by‑default pipelines and production Kubernetes hardening.
• Proficiency with policy‑as‑code (OPA, Kyverno, Checkov).
• AWS security depth across EKS, IAM, KMS, VPC/Private Link, ECR, S3, and logging/monitoring stacks; container security including admission control, RBAC, and network policies.
• Supply chain security experience: SBOMs (Cyclone
  
  DX/SPDX), image signing (Cosign), and SLSA‑aligned provenance; vulnerability and secret scanning (e.g., Trivy/Grype, Dependabot/Renovate).
• Strong coding for automation and tooling in Python or Go, plus bash proficiency; experience integrating cloud/K8s telemetry with SIEM/SOAR and building detections.

• Securing ML/AI pipelines (feature stores, model registries, training clusters, inference gateways) and scanning ML artifacts; knowledge of confidential computing/GPU isolation and privacy‑enhancing tech.
• Edge/IoT or lab device security (secure gateways, cert provisioning, zero trust patterns) relevant to autonomous labs.
• Experience in regulated/audit‑heavy environments (SOC 2, ISO 27001; familiarity with lab quality systems).
• SRE‑adjacent skills applied to security controls (observability, reliability, chaos/scenario exercises).
• Prior startup/high‑growth experience enabling developer velocity with strong guardrails; advanced supply chain maturity with Sigstore/Cosign and SLSA concepts.

Lila Sciences is the world’s first scientific superintelligence platform and autonomous lab for life, chemistry, and materials science. We are pioneering a new age of boundless discovery by building the capabilities to apply AI to every aspect of the scientific method. We are introducing scientific superintelligence to solve humankind’s greatest challenges, enabling scientists to bring forth solutions in human health, climate, and sustainability at a pace and scale never experienced before.

Learn…