About Us

At Hayden AI, we are on a mission to harness the power of computer vision to transform the way transit systems and other government agencies address real-world challenges.

From bus lane and bus stop enforcement to transportation optimization technologies and beyond, our innovative mobile perception system empowers our clients to accelerate transit, enhance street safety, and drive toward a sustainable future.

What the job involves

Our Engineering teams work at the cutting edge of technology, leveraging AWS and GCP cloud services and developing our own Linux-based edge devices. As a dynamic startup, we understand the critical importance of cybersecurity in protecting our innovative solutions and ensuring the safety of our digital environment and customer data.

We're looking for a passionate Security Engineer to lead our cybersecurity initiatives, safeguarding our code and infrastructure against the ever-evolving threats. You will manage security for our production and corporate systems, handle security alerts, implement policies, and collaborate with external customers on security needs.

Responsibilities

• Perform regular security audits, risk assessments, and penetration testing to identify vulnerabilities in our code and infrastructure. This includes conducting thorough code audits from a security perspective to ensure our applications are developed with the highest security standards.
• Conduct design reviews with a focus on security.
• Implement, maintain, and triage GitHub codebase security scans, and work with the engineering team on prioritization, assignment, and remediation of vulnerabilities.
• Audit, assess, and harden the security of the base image and Hayden app stack deployed on our edge devices.
• Design and manage security protocols for edge devices to ensure robust protection against external threats.
• Stay abreast of the latest cybersecurity trends and threats, applying this knowledge to fortify our defenses. This includes proactive monitoring and implementing fixes for zero-day vulnerabilities to prevent exploitation.
• Design, audit, and collaborate with the engineering team to remediate cloud-application security vulnerabilities. Define and implement cloud-security policies and best practices to protect our applications and services.
• Develop and enforce security policies and procedures, conducting security awareness training across the company to cultivate a security-first culture.
• Collaborate with development teams to integrate security measures into the software development lifecycle (SDLC), promoting security best practices for application development to mitigate risks from the outset.
• Respond swiftly to any security incidents, leading the investigation and remediation efforts to minimize impact. This includes managing the resolution of security breaches and ensuring that similar vulnerabilities are addressed across all projects.
• Working with our partners and clients to have deep technical discussion about security posture, review and discuss the security requirements and formulate the necessary changes to the engineering team.
• Must possess demonstrable knowledge of application security, security testing methodologies and application security testing automation.

Qualifications

• Degree in Computer Science, Engineering, or related field.
• 6+ years of software engineering or equivalent experience.
• Experience with one of the core (Golang, Python) programming languages, scripting and automation. 
• Strong knowledge of encryption protocols, public/private key management and PKI (Private Key Infrastructure).
• Strong understanding of network security, encryption practices, and secure coding principles.
• Proven experience in cloud security management (AWS, Azure, GCP).
• Familiarity with security policies and controls for internal corporate applications (Google Workspace, GitHub, Jira).
• Familiarity with security compliance standards relevant to our industry.
• Strong skills in managing security tools and vendor relationships.
• Excellent ability to develop and implement security policies and guidelines.
• Understanding of the block chain principles is a plus.
• Relevant certifications in security and cloud platforms are highly desirable.