Security Architect (DevSecOps / AI Security)

We are looking for a Security Architect to join a high-performing distributed engineering team working on a modern cloud-native platform for employee benefits. The position is fully remote from Portugal and the colaboration would be through full-time B2B contract.

This role sits at the intersection of application security, DevSecOps, and AI-assisted software engineering, with a strong focus on building secure-by-design systems in a complex distributed microservices environment.

You will play a key role in strengthening security practices across the engineering lifecycle, enabling safe adoption of AI coding tools, and ensuring security is embedded into CI/CD pipelines and architecture decisions from the ground up.

Essential functions

• Act as Security Champion, fostering a security-first mindset across engineering teams through training, collaboration, and secure coding guidelines
• Serve as a trusted advisor for developers, product managers, and leadership on application security risks
• Conduct threat modeling and architecture reviews for microservices, features, and AI/LLM integrations
• Define and enforce secure SDLC practices across teams
• Identify vulnerabilities early and establish guardrails before code is written
• Perform secure code reviews in collaboration with development teams
• Drive AI Security Governance, including mitigation of prompt injection, data leakage, and insecure outputs
• Oversee DevSecOps automation and integration of security testing into CI/CD pipelines
• Coordinate vulnerability management, including triage, prioritization, and remediation support
• Communicate complex security risks clearly to technical and non-technical stakeholders

Qualifications

• Strong background in Application Security (AppSec), OWASP standards, and secure SDLC practices
• Hands-on experience with Cloud-Native DevSecOps, especially AWS environments
• Experience implementing and managing CI/CD security tooling (SAST, DAST, SCA, container scanning)
• Proficiency in threat modeling and architecture security reviews
• Strong coding/scripting skills in at least one modern programming language
• Experience with AI-assisted development tools (e.g., Claude)
• Understanding of spec-driven AI development principles
• Experience securing modern web and cloud-native architectures
• Ability to balance security requirements with engineering velocity

Would be a plus

• Experience defining AI security guardrails in production environments
• Background in LLM security risks (prompt injection, data leakage, unsafe output handling)
• Experience working in highly regulated or enterprise environments

We offer

• Opportunity to work on bleeding-edge projects
• Work with a highly motivated and dedicated team
• Competitive salary
• Flexible schedule

About us

Grid Dynamics (NASDAQ: GDYN) is a leading provider of technology consulting, platform and product engineering, AI, and advanced analytics services. Fusing technical vision with business acumen, we solve the most pressing technical challenges and enable positive business outcomes for enterprise companies undergoing business transformation. A key differentiator for Grid Dynamics is our 8 years of experience and leadership in enterprise AI, supported by profound expertise and ongoing investment in data, analytics, cloud & DevOps, application modernization and customer experience. Founded in 2006, Grid Dynamics is headquartered in Silicon Valley with offices across the Americas, Europe, and India.