Senior Software Engineer, Security Engineering

At Bot Auto, we are revolutionizing the transportation of goods with our cutting-edge autonomous trucks, enhancing the quality of life for communities around the globe. With the agility of a start-up and the wisdom of seasoned experts, Bot Auto boasts a team that has achieved numerous world-firsts and unparalleled innovations. United by a shared vision, we create miracles and propel the future of transportation. Join us and transform your dreams into reality.

We are seeking a highly skilled and motivated Senior Software Engineer, Security Engineering to design, build, and operate security across Bot Auto's autonomous trucking stack. The proprietary technology that powers our autonomous driving system is our core intellectual property, and protecting it — along with the safety-relevant systems behind our fleet — is mission critical. In this role, you will work across onboard (in-vehicle) security as well as infrastructure and platform security. You will also help shape how Bot Auto adopts AI responsibly: understanding the security implications of large language models and agentic systems, and developing the protections that let us innovate quickly and safely. As a hands-on technical leader, you will embed security best practices into every layer of our systems, from the vehicle to the cloud.

• →Design and implement security controls for onboard (in-vehicle) systems, including secure boot, code signing, secrets and key management, secure over-the-air (OTA) updates, and hardening of the autonomous driving software stack.
• →Architect and operate security across infrastructure and platforms, spanning Kubernetes, public cloud (AWS), on-prem data centers, CI/CD pipelines, and internal developer platforms.
• →Develop protections for AI systems — assess the security implications of large language models and agentic workflows (prompt injection, data exfiltration, model and supply-chain risks) and build guardrails, sandboxing, and monitoring.
• →Build identity and access management, secrets management, and least-privilege authorization across services, devices, and the fleet.
• →Perform threat modeling, security design reviews, and risk assessments for new products and architectures, partnering with engineering teams to remediate findings.
• →Establish vulnerability management, dependency and supply-chain scanning, and a secure software development lifecycle (SSDLC) across the organization.
• →Develop detection, logging, and incident response capabilities to identify and respond to security events across onboard and infrastructure environments.
• →Champion a security-first culture through tooling, automation, documentation, and mentorship.

• Bachelor's degree in Computer Science, Engineering, or a related field, or equivalent experience
• 5+ years of hands-on software engineering experience, with a strong focus on security
• Strong software development skills in one or more languages: Python, Go, Rust, C/C++, or JavaScript/TypeScript
• Solid understanding of applied cryptography, authentication and authorization, secure system design, and common vulnerability classes
• Experience securing cloud infrastructure and/or distributed systems in production

• Experience with embedded, automotive, IoT, or other onboard/edge security (secure boot, TPM/HSM, code signing, OTA updates)
• Familiarity with Kubernetes and cloud security (AWS), IaC security (Terraform, Pulumi), and CI/CD pipeline hardening
• Knowledge of AI/LLM security: prompt injection, model supply chain, agent sandboxing, and AI guardrail frameworks
• Experience with IAM, secrets management (e.g., HashiCorp Vault), and zero-trust architectures
• Hands-on experience with security tooling: SAST/DAST, SBOM and dependency scanning, SIEM, and detection engineering
• Familiarity with security standards and frameworks (e.g., ISO/SAE 21434, NIST, OWASP, SOC 2)
• Experience with threat modeling and incident response