Search by job, company or skills

Procore Technologies

Staff Security Engineer

Save
  • Posted 25 days ago
  • Be among the first 10 applicants
Early Applicant

Job Description

Staff Security Engineer


We're looking for a Staff Security Engineer to join Procore's Security Engineering team as a foundational technical leader. In this role, you won't just be implementing security controls, you will be designing the next generation of autonomous defense. Your mission is to move Procore beyond static automation toward a self-governing, agentic security posture. You will design the high-level frameworks and orchestration layers that allow a fleet of security agents to protect our platform, data, and users with minimal human intervention

.
As a Staff Security Engineer, you are a force multiplier. You will partner with Product & Technology, IT, Security Operations, and GRC to execute the long-term strategy for agentic security engineering. You will use your deep expertise in distributed systems and LLM orchestration to build robust, scalable agentic workflows that solve entire classes of security vulnerabilities permanently. This is a high-impact leadership opportunity to define the future of security engineering for a global SaaS leader - Apply toda

y.
What you'll

do:
At Procore, AI isn't a specialized tool, it's a core competency. We expect every team member to be AI-literate, leveraging generative tools and agentic workflows to move faster and work smarter. You won't just use AI; you'll be building the agentic future of construct

  • ion.
    Architect the Agentic Fab
    ric: Design and implement the multi-agent orchestration layer (using LangGraph, Semantic Kernel, or custom MAS frameworks) that coordinates autonomous security tasks across the enterp
  • rise.Define Agentic Identity & Governance: Solve the complex challenge of Agent Identity—designing how autonomous agents authenticate (IAM/OIDC), manage secrets, and operate within least-privilege guardr
  • ails.Autonomous Vulnerability Eradication: Lead the strategy for self-healing systems, building agents that don't just find bugs, but autonomously architect, test, and deploy platform-wide refactors to eliminate vulnerability cla
  • sses.Secure the AI Infrastructure: Architect the enterprise-wide paved path for secure agent deployment, including high-assurance sandboxing, real-time prompt-injection firewalls, and RAG data-leakage preven
  • tion.Drive the Agentic Roadmap: Design the multi-year technical strategy for shifting Procore from manual security engineering to a human-in-the-loop autonomous m
  • odel.Lead Complex Evaluations: Spearhead the evaluation of emerging agentic security platforms and LLM-native security tools, moving them from proof-of-concept to production at s
  • cale.Advanced Threat Modeling: Build agents capable of performing dynamic, recursive threat modeling of microservices and complex cloud architect
  • ures.Strategic Mentorship: Scale agentic thinking across the entire Security and Engineering organization, setting the standard for how Procore builds and secures autonomous systems. Incident Response Orchestration: Build the autonomous control orchestrator agents capable of performing initial triage, containment, and evidence preservation during high-stakes security ev

ents.
What we're lookin

  • g for:
    Development: 6+ years of experience in hands-on technical security, with a proven track record of shipping complex, distributed software in Python or Go at a Staff
  • level.Agentic Orchestration Mastery: Deep, production-level experience with agent frameworks (LangGraph, CrewAI, AutoGPT). You understand the architecture of stateful, multi-turn agentic loops and autonomous tool-c
  • alling.LLM Security Pioneer: Authoritative knowledge of AI security risks (OWASP LLM Top 10) and experience building defensive layers like Semantic Firewalls, LLM Guardrails, and EWS (Early Warning Systems) for
  • agents.Distributed Systems Expertise: Deep understanding of cloud-native architecture (AWS/K8s) specifically as it relates to providing secure, scalable execution environments for autonomous pro
  • cesses.Agentic Identity & Access: Proven experience building or extending IAM/IGA systems to handle non-human, autonomous entities (service mesh, workload identity, agent-specific t
  • okens).Strategic Influence: The ability to influence engineering leadership and drive the cultural shift from scanning for bugs to building autonomous f
  • ixers.Agentic SDLC Vision: Experience embedding AI agents into the CI/CD pipeline to automate complex reasoning tasks, moving beyond simple static/dynamic an
  • alysis.Analytical Rigor: A systems-thinking approach to security, with the ability to treat prompt engineering as a rigorous logic and control-flow discipline. Communication: Exceptional ability to translate the abstract world of agentic security into concrete, actionable roadmaps for both executives and junior eng

ineers.

More Info

Job Type:
Industry:
Employment Type:

About Company

Job ID: 149154433

Similar Jobs

Bengaluru, India

Skills:

DASTCloud SecurityDlpOktaIncident ResponseTerraformApplication SecuritySiemPythonAWSOPAGovernance Risk ComplianceSecurity Architecture EngineeringGoThreat DetectionGoogle WorkspaceSCAEDRSAST

Bengaluru, India

Skills:

GdprIso 27001PciSiemAWSVulnerability ScannersSOARSOC 2STRIDEPASTAnistSox

Bengaluru, India

Skills:

Burp SuiteNmapAWSApplication SecurityPenetration TestingKubernetesPythonBashDockerDASTMetasploitJavascriptOffensive SecurityGoCobalt StrikeSASTSCA

Bengaluru, India

Skills:

threat modeling security automation JavaPythonGoSecurity Code ReviewsSecure Software DesignSecurity Design StandardsSecure Coding PracticesAPI Security TestingCloud-native Deployment

Bengaluru, India

Skills:

Vulnerability ManagementBashPythonAI toolscompliance-supporting security controlsSecurity Monitoringsecurity tooling administrationsecurity automation playbooks