About the company:
Kiefer Tech, the technology arm of Kiefer, leverages over 20 years of engineering heritage from the Green Energy sector to deliver cutting-edge AI, robotics, and enterprise solutions across Greece and the EU. We build sovereign AI infrastructure that keeps data within EU borders, respect privacy, and delivers tangible business impact. Guided by our core values: innovation, quality, and long-term client partnerships, we create enterprise-grade AI infrastructure, the first true Greek Large Language Models, and intelligent automation solutions that empower organizations to thrive. Our strategic collaboration with NVIDIA combines sustainable infrastructure expertise with world-class AI technology, creating an ecosystem that fosters innovation, strengthens Greece’s technological sovereignty, and generates real impact across industries. Join us and help build the AI-powered world of tomorrow.
About the role:
Senior Security Engineer and first dedicated security hire on the Sophea platform. You will establish security as a core engineering capability - hardening cloud infrastructure, securing AI-specific attack surfaces, embedding automated security into the development lifecycle, and enabling teams to ship fast with confidence. This is not a compliance or policy-writing role.
What you will do:
Conduct security assessments and build a prioritized remediation roadmap across infrastructure and services
Harden AWS and Kubernetes environments: IAM, network policies, workload isolation, secrets management
Secure AI-specific attack surfaces: prompt injection defenses, PII handling in LLM pipelines, model interaction data leakage
Embed automated security into CI/CD: dependency scanning, container image scanning, code analysis, secrets detection
Design secure-by-default patterns for service communication, authentication, and data handling
Build incident response capabilities: detection, alerting, response workflows, and post-incident review
Partner with engineering teams to improve security posture without becoming a bottleneck
What you will need
6-10+ years of professional security engineering experience in production environments
Deep hands-on expertise in cloud security (AWS strongly preferred) and container/Kubernetes security
Strong application security skills: securing APIs, microservices, auth flows, and data pipelines
Experience with automated security tooling in CI/CD (SAST, DAST, dependency scanning, container scanning)
Offensive security mindset: ability to think like an attacker, identify non-obvious vulnerabilities, and validate defenses
Track record of building or significantly maturing security programs, not just operating existing ones
Nice to have
AI/LLM security experience (prompt injection, model security, PII in AI pipelines)
CTF participation, bug bounty track record, or formal red team experience
Offensive security certifications (OSCP, OSWE, CRTP)
Incident response and digital forensics
SOC2/ISO27001 compliance implementation (not just audit management)
What is there for you:
Compensation: above typical backend band for Greek/EU market
Remote: fully remote within EU, or hybrid from Athens
Ownership: first dedicated security hire, define security standards from day one
AI-native: real security challenges at the intersection of LLMs, enterprise data, and distributed infrastructure
Growth: budget for conferences/courses/certifications, path to security lead / head of security
Culture: engineering-first, low meetings, high autonomy, async-first
