Senior Software Engineer, Security Engineering Houston, TX or San Francisco Bay Area

Senior Software Engineer, Security Engineering

Houston, TX or San Francisco Bay Area

• Design and implement security controls for onboard (in-vehicle) systems, including secure boot, code signing, secrets and key management, secure over‑the‑air (OTA) updates, and hardening of the autonomous driving software stack.
• Architect and operate security across infrastructure and platforms, spanning Kubernetes, public cloud (AWS), on‑prem data centers, CI/CD pipelines, and internal developer platforms.
• Develop protections for AI systems — assess the security implications of large language models and agentic workflows (prompt injection, data exfiltration, model and supply‑chain risks) and build guardrails, sandboxing, and monitoring.
• Build identity and access management, secrets management, and least‑privilege authorization across services, devices, and the fleet.
• Perform threat modeling, security design reviews, and risk assessments for new products and architectures, partnering with engineering teams to remediate findings.
• Establish vulnerability management, dependency and supply‑chain scanning, and a secure software development lifecycle (SSDLC) across the organization.
• Develop detection, logging, and incident response capabilities to identify and respond to security events across onboard and infrastructure environments.
• Champion a security‑first culture through tooling, automation, documentation, and mentorship.

• Bachelor's degree in Computer Science, Engineering, or a related field, or equivalent experience
• 5+ years of hands‑on software engineering experience, with a strong focus on security
• Solid understanding of applied cryptography, authentication and authorization, secure system design, and common vulnerability classes
• Experience securing cloud infrastructure and/or distributed systems in production

• Experience with embedded, automotive, IoT, or other onboard/edge security (secure boot, TPM/HSM, code signing, OTA updates)
• Familiarity with Kubernetes and cloud security (AWS), IaC security (Terraform, Pulumi), and CI/CD pipeline hardening
• Knowledge of AI/LLM security: prompt injection, model supply chain, agent sandboxing, and AI guardrail frameworks
• Experience with IAM, secrets management (e.g., Hashi Corp Vault), and zero‑trust architectures
• Hands‑on experience with security tooling: SAST/DAST, SBOM and dependency scanning, SIEM, and detection engineering
• Familiarity with security standards and frameworks (e.g., ISO/SAE 21434, NIST, OWASP, SOC
  2)
• Experience with threat modeling and incident response

As set forth in Bot Auto’s Equal Employment Opportunity policy, we do not discriminate on the basis of any protected group status under any applicable law.