Lead Application Security Engineer — Threat & Vulnerability Management (AI Focus)
Job description
We are seeking a Lead Application Security Engineer to drive secure-by-design engineering for agent code and pipelines and own vulnerability management for AI workloads. This role keeps agentic AI development moving fast while ensuring every agent is built, tested and shipped securely. Experience the freedom of remote work from anywhere in Georgia, whether from the comfort of your home, our modern offices in Tbilisi and Batumi or a coworking space in Kutaisi. Responsibilities Embed SAST DAST and SCA into agent CI/CD pipelines Build and maintain an AI/LLM software bill of materials (SBOM) capability Lead threat modeling for agents against the OWASP LLM Top-10 and Agentic Top-10 Define and enforce vulnerability-management SLAs for AI workloads Establish secure-SDLC guardrails for maker and developer teams Requirements 5+ years of experience in application security engineering Background in SAST, DAST and SCA tooling and triage Expertise in threat modeling with understanding of LLM/agent attack surfaces including prompt injection, tool abuse and data exfiltration Familiarity with AI/LLM supply-chain risk and SBOM practices Background in secure SDLC and DevSecOps pipeline integration Nice to have Skills in Python scripting and automation for security tooling integration Relevant certifications (e.g., GWAPT, CSSLP, OSCP) We offer We connect like-minded people Delivering innovative solutions to industry leaders, making a global impact Enjoyable working environment, whether it is the vibrant office or the comfort of your own home Opportunity to work abroad for up to two months per year Relocation opportunities within our offices in 55+ countries Corporate and social events We invest in your growth Leadership development, career advising, soft skills and well-being programs Certifications, including GCP, Azure and AWS Unlimited access to LinkedIn Learning and Udemy Free English classes with certified teachers We cover it all Participation in the Employee Stock Purchase Plan Monetary bonuses for engaging in the referral program Comprehensive medical & family care package Five trust days per year (sick leave without a medical certificate) Benefits package (sports activities, a variety of stores and services) EPAM Georgia is a team of innovators united by a passion for technology. The dynamic and inclusive culture we embrace helps positively impact our communities, clients, and employees. Here you will collaborate with multi-national teams, contribute to numerous cutting-edge projects, deliver the most creative solutions, and have an opportunity to learn. Our people are at the heart of our success, and we are proud to provide talents with a solid ground to develop and grow.