Senior Information Security Engineer

Guild is hiring a Security Engineer. The Information Security team is looking to add a highly motivated and technically inclined individual to work as a Cloud Security Engineer. We are looking for a candidate that is comfortable working in an exciting and fast paced environment. This individual’s responsibilities will mainly focus on ensuring protection of Guild’s various cloud resources and environments. These efforts will ultimately allow Guild to fulfill its mission while also meeting business objectives and compliance requirements.

As a Security Engineer, you will:

• Identify security issues and risks with Guild’s systems and environments. Develop and execute remediation/mitigation plans that provide long term risk reduction.
• Collaborate with cross-functional engineering teams to integrate and advance security standards within a comprehensive enterprise application security program.
• You will serve as a strategic partner to engineering squads, providing expert guidance on the integration and remediation of findings from SAST, DAST, and SCA tools.
• You will design and enforce robust security architectures across the company’s AWS ecosystem.
• Architect and implement security controls for agentic AI systems, including identity, network, and runtime-level defenses (e.g., sandboxing, policy enforcement).
• Develop comprehensive threat models and conduct realistic threat simulations across Guild's offerings, including LLMs, AI agents, and MCP components.
• Develop and tune security policy within various security tools and platforms (CNAPP, EDR, Email Gateway, Vulnerability Management, SIEM, etc…).
• Maintain SOC-2 compliance and assist with audit/client related requests. Assist with incident response and investigation activities.
• Fulfill regular on-call responsibilities as part of a team rotation.

You are a strong fit for this role if you have:

Required Competencies

• Thorough understanding of Integrated Development Environment (IDE) and Continuous integration / Continuous Delivery (CI/CD) Pipeline tools and processes
• Proven experience with software development methodologies and secure coding practices
• 5+ years of industry experience in security engineering, with meaningful focus on cloud security and application security
• Excellent problem-solving and analytical skills. Strong communication skills, both written and verbal, for collaborating with technical and non-technical teams. 
• Ability to work independently, prioritize tasks, and manage multiple security projects simultaneously.

Preferred Competencies

• Solid understanding of LLMs, AI architecture patterns, machine learning models, and related technologies (e.g., MCP, RAG, agentic frameworks)
• Experience with container security, kernel-level hardening, and modern isolation techniques.<