Expert Cyber Security Engineer

Ciklum is looking for an Expert Cyber Security Engineer to join our team full-time in Romania.

We are a custom product engineering company that supports both multinational organizations and scaling startups to solve their most complex business challenges. With a global team of over 4,000 highly skilled developers, consultants, analysts and product owners, we engineer technology that redefines industries and shapes the way people live.

About the role:

As an Expert Cyber Security Engineer at client, you are more than just a tester; you are the bridge between our cutting-edge AI security product and our most sophisticated global clients. This role is a unique 50/50 split between deep-core security research and high-impact customer engagement.

You will help us move beyond traditional, one-off pentesting toward an AI-first model of continuous validation. You will challenge our AI agent’s findings, expand upon its capabilities, and lead the technical conversation with our customers to prove the value of AI-driven security.

Responsibilities:

• Strategic Customer Advisory (50%): * Act as the "Face of Security" for Tenzai during POCs and deep-dive technical sessions with external stakeholders

• Present complex security findings and AI-generated insights to sophisticated clients, helping them interpret risks and prioritize remediation

• Navigate the nuances of an early-stage AI product, confidently managing client expectations and demonstrating the system's evolving capabilities

• Offensive Security Research (30%): * Perform manual, hands-on penetration testing to validate and expand upon the AI agent's findings

• Investigate the "edge cases" where AI might hallucinate or miss logic-driven flaws, providing the human expertise needed to ensure 100% accuracy

• Conduct vulnerability research across complex web applications and modern cloud-native infrastructures

• Product R&D & Innovation (20%):

• Collaborate directly with the development team to improve the AI agent’s scanning methodology, coverage, and test case validation

• Build security tools, scripts (Python), and prototypes to automate repetitive testing tasks and enhance the backend engine

Requirements:

• 7+ years of experience in cybersecurity, with a heavy focus on advanced web application penetration testing

• The "Consultant Mindset": Proven experience in a client-facing role (e.g., as a Security Consultant or Pre-Sales Engineer) where you have presented technical findings to external stakeholders

• Technical Depth: Ability to identify complex, business-logic-driven vulnerabilities that automated scanners miss (multi-stage auth bypass, complex injection flaws)

• Automation Skills: Solid Python scripting skills to build security tools and automate workflows

• Startup DNA: You are proactive, flexible, and comfortable with the "controlled chaos" of a fast-growing startup. You don't just wait for tasks; you challenge requirements and propose better ways to work

Desirable:

• Experience securing AI/ML platforms or serverless architectures

• Expertise in AWS, GCP, or Kubernetes security

• Industry-standard certifications (OSCP, OSEP, CISSP)

Personal skills:

• Resilience & Composure: You stay calm during live demos and can pivot the conversation if a technical tool behaves unexpectedly

• The Proactive Challenger: You are willing to push back on inappropriate work assignments and "challenge" the status quo to ensure the product stays on the right path

• Bilingual Skills: You speak "Developer," "Hacker," and "Business" fluently

Desirable:

• Experience securing AI/ML platforms or serverless architectures

• Expertise in AWS, GCP, or Kubernetes security

• Industry-standard certifications (OSCP, OSEP, CISSP)

#LI-SM1