Search 
jobs
Explore 
companies
Join talent network
Talent
My job alerts

Security Engineer Boston, Massachusetts Security Engineer

Devo

Devo

Posted on Jan 22, 2026
Apply now

Description

JOB SUMMARY
We are seeking a Security Engineer to operate Product Security, AI security, and core Security Operations capabilities across our environment.
This is a hands-on, execution-focused role responsible for building, integrating, and running security controls that protect our products, customers, internal systems, and AI-enabled capabilities, from secure design and development through detection, response, and continuous improvement.
The ideal candidate is technically strong, pragmatic, and collaborative, comfortable working directly with Engineering, Product, Infrastructure, and Data teams to embed security and AI governance into how systems are built and operated, rather than bolting it on through process or escalation.
JOB DETAILS
  • Partner with Engineering and Product teams to embed security into the SDLC and product lifecycle
  • Perform threat modeling, architecture reviews, and design risk assessments for new and existing products, including AI-enabled features
  • Implement, operate, and improve application security controls, including: SAST, DAST, and SCA, Secrets management, Dependency, vulnerability, and configuration management
  • Work directly with Engineering teams to prioritize and remediate findings pragmatically
  • Define secure coding and design patterns that scale across teams
  • Support security controls aligned to SOC 2, PCI DSS, and ISO/IEC 27001 as they relate to product security
  • Support the implementation and operation of ISO/IEC 42001 from a technical and security controls perspective
  • Partner with Product, Engineering, and Data teams on: AI and model threat modeling, Model lifecycle security and change management, Data sourcing, training data protection, and usage controls, Access control and monitoring for AI systems
  • Implement security controls that support AI risk management, traceability, and accountability
  • Support audits, internal reviews, and continuous monitoring related to AI governance and responsible AI practices
  • Integrate AI security requirements into existing security operations and workflows
  • Ensure operational security controls align with SOC 2, PCI DSS, ISO/IEC 27001, and ISO/IEC 42001 requirements
  • Implement, integrate, and optimize security tooling across product, cloud, and AI environments
  • Integrate security tools into CI/CD pipelines, ML pipelines, and cloud platforms
  • Automate repetitive security tasks using scripts, APIs, SOAR platforms, and workflow tools
  • Continuously improve security workflows to increase speed, signal quality, and reliability

CANDIDATE REQUIREMENTS
1. KNOWLEDGES, SKILLS AND ABILITIES
Qualifications:
  • 5+ years of experience in Security Engineering, Product Security, or Security Operations
  • Strong understanding of application security principles and secure system design
  • Hands-on experience with: Vulnerability management, Incident response, Detection and monitoring
  • Experience working directly with Engineering teams on security control implementation
  • Familiarity with CI/CD pipelines and modern development environments
  • Strong problem-solving and communication skills
2. BACKGROUND EXPERIENCES
  • A Bachelor's or Master's degree in Computer Science, Security Assurance or Relevant field
  • Experience securing AI/ML systems or AI-enabled products
  • Familiarity with ISO/IEC 42001 or AI governance frameworks
  • Experience securing SaaS or cloud-native products
  • Familiarity with cloud platforms (AWS, GCP, Azure)
  • Experience with Infrastructure as Code (Terraform, CloudFormation)
  • Scripting or automation experience (Python, Bash, Go, etc.)

Devo does not discriminate on the basis of race, color, national origin, religion, gender, age, veteran status, sexual orientation, marital status or disability (in compliance with the Americans with Disabilities Act) with respect to employment opportunities.

Don’t meet every single requirement? At Devo we are dedicated to building a diverse, inclusive and authentic workplace, so if you’re excited about this role but your past experience doesn’t align perfectly with every qualification in the job description, we encourage you to apply anyways. You may be just the right candidate for this or other roles.

At Devo, diversity and inclusion means more than treating employees well and making them feel welcome. It is a commitment to hiring people who bring different insights because of their unique perspectives, ways of thinking, and prior experiences.

We intend to continue hiring great people and protecting our culture so everyone can be themselves and speak their minds. That way Devo will always be a place filled with purpose, energy, hard work, thoughtfulness, and respect.

To All Agencies: Please, no phone calls or emails to any employee of Devo outside of the Talent Acquisition team. Devo's policy is to only accept resumes from agencies via the Devo Agency Portal. Agencies must have a valid fee agreement in place and they must have been assigned the specific requisition to which they submit resumes, by the Talent Acquisition team. Any resume submitted outside of this process will be deemed the sole property of Devo and in the event a candidate is submitted outside of this policy is hired, no fee or payment of any kind will be paid

Apply now
See more open positions at Devo
Privacy policyCookie policy