Senior Security Architect at Tessell

<div>About the Role<br><br>We’re looking for a <strong>Senior Security Architect</strong> to be the founding SME for its Security Ops capability.<br>This is a high-leverage, zero-to-one role. You will define what the agent <em>knows</em> and <em>can do</em> in the security domain — from the detection logic and runbooks that power its reasoning, to the agentic workflows that let it autonomously investigate, triage, and remediate security events across multi-cloud environments. You’ll work at the intersection of deep security expertise, AI agent design, and product engineering.<br>If you’ve spent years wishing your security tooling could think and act like a seasoned analyst — this is your chance to build that.<br><br>What You’ll Do<br><br>Own the Security Ops Intelligence Layer</div> <ul> <li>Define the security knowledge layer that powers the agent: threat models, detection logic, investigation playbooks, and remediation workflows across AWS, Azure, GCP, and hybrid environments.</li> <li>Design and build agentic security capabilities — from automated triage and root cause analysis to policy violation detection and cloud misconfiguration remediation.</li> <li>Translate your security expertise into structured, LLM-ready context: runbooks, risk taxonomies, tool schemas, and skill definitions that shape how the agent reasons about security events.</li> </ul> <div>Research → Product</div> <ul> <li>Identify high-impact, underserved security risk areas in cloud-native and AI-native architectures and drive them into the product roadmap.</li> <li>Deliver proofs of risk (demonstrating attack impact) and technical POCs (demonstrating agentic resolution) to validate and prioritize new capabilities.</li> <li>Analyze cloud service APIs, telemetry, and log payloads to define what data the agent needs to ingest and act on.</li> </ul> <div>Shape the Security Ops Agent Experience</div> <ul> <li>Partner with Product and Engineering to design the end-to-end experience for security operations workflows — alert handling, investigation, escalation, and auto-remediation.</li> <li>Define the guardrails, confidence thresholds, and human-in-the-loop checkpoints that make the agent trustworthy in production security environments.</li> <li>Serve as the internal authority on security correctness — reviewing agent outputs, catching reasoning gaps, and continuously improving the agent’s security judgment.</li> </ul> <div>Customer &amp; Market Proximity</div> <ul> <li>Engage directly with design partners and enterprise customers to understand their SecOps workflows, tooling stack, and compliance requirements.</li> <li>Monitor the threat landscape and translate emerging attack patterns into new agent skills and detections.</li> </ul> <div><br><br>What You’ll Bring</div> <ul> <li><strong>8+ years</strong> of hands-on experience in cloud security, security architecture, or security engineering — with deep expertise in at least two of AWS, Azure, or GCP.</li> <li>Strong command of cloud-native threat models: IAM abuse, data exfiltration paths, lateral movement, supply chain risk, and misconfiguration patterns at scale.</li> <li>Experience with security telemetry pipelines — CloudTrail, GuardDuty, Security Hub, Defender, Chronicle, or equivalent — and the ability to design detection logic against them.</li> <li>Proven ability to build or operationalize security runbooks and response playbooks, ideally in a SOC, CSIRT, or product security engineering context.</li> <li>Hands-on scripting and automation skills (Python, Go, or equivalent) for building POCs, tooling, and integrations.</li> <li>Strong product instincts — you can translate deep security expertise into clear requirements, user-facing workflows, and actionable roadmap decisions.</li> <li>Excellent written communication; able to make complex risk and architecture tradeoffs legible to engineering, product, and executive stakeholders.</li> </ul> <div><strong>Bonus:</strong></div> <ul> <li>Prior experience building security features for a SaaS or cloud infrastructure product.</li> <li>Familiarity with LLM-based agent architectures, tool use, or AI-powered security tooling (e.g., security copilots, SIEM AI assistants).</li> <li>Certifications: CISSP, CCSP, AWS Security Specialty, or equivalent.</li> </ul> <div>Why This Role</div> <ul> <li>You’ll be the first dedicated security domain expert on this initiative — your fingerprints will be on the product architecture from day one.</li> <li>Direct path into senior product, research, or engineering leadership as the product scales.</li> <li>Work at the frontier of AI + security — a space that is moving fast and where being early matters enormously.</li> <li>Competitive compensation, equity, and benefits.</li> </ul>