Contract Security Engineer – AI, Identity & Digital Commerce Security

6–12 Month Contract+

FL preferred | East or Central U.S. preferred, open to West Coast as well

Hybrid – 4 days onsite preferred

No H1B sponsorship available

We are hiring a senior, hands-on Security Engineer to help secure the next generation of AI-enabled customer experiences in a large-scale, consumer-facing digital commerce environment.

This is a rare opportunity to work at the intersection of modern application security, identity and authorization, non-human identity, and emerging AI-driven workflows. You will partner directly with software engineers building customer-facing experiences and help ensure those systems are secure, resilient, and ready to scale.

This is not a passive advisory role. We are looking for a builder -- someone who can engage deeply with engineering teams, review architecture, identify risk early, and help put practical guardrails around modern digital experiences as they are being built.

What You’ll Be Working On

• Securing AI-enabled customer journeys across a modern digital commerce platform
• Helping define safe action boundaries, authorization controls, and runtime guardrails for AI-driven or agent-like behaviors
• Reviewing web, API, and microservices architectures for security gaps and design weaknesses
• Supporting secure design across customer-facing applications, backend services, and distributed systems
• Advising on OAuth/OIDC, delegated authorization, workload identity, and human-to-agent-to-tool attribution
• Partnering with engineering teams on threat modeling, risk reduction, and secure implementation patterns
• Helping teams move fast while building security in early and intelligently

What We’re Looking For

• 8+ years of experience in security engineering, application security, or product security
• Strong hands-on experience with web application and API security
• Experience in consumer-facing digital platforms, eCommerce, booking, personalization, or other high-traffic environments
• Solid understanding of OAuth, OIDC, authorization models, service/workload identity, and non-human identity
• Familiarity with AI-enabled applications, automation, chatbots, copilots, or agent-like systems
• Ability to work directly with developers and influence secure outcomes in a fast-moving environment
• Experience with cloud-native architectures, microservices, and modern DevSecOps / SDLC practices

Nice to Have

• Experience with agentic AI security, runtime policy enforcement, or AI guardrail design
• CIAM familiarity
• WAF, API gateway, bot mitigation, or fraud/abuse prevention experience
• AWS or other hyperscale cloud experience

Why This Role Stands Out

This is a chance to work on real-world AI security challenges in a live, consumer-facing environment -- not just policy discussions or lab concepts. The right person will help shape how modern customer experiences are secured as AI becomes part of the product itself.

If you enjoy working close to engineering, solving hard security problems in modern architectures, and helping build secure digital experiences at scale, this is the kind of role that does not come around often.