Peloton needs to ensure its applications, services, and systems are implemented and secured with industry best practices, specifically by enhancing security penetration testing and security review capabilities through automation and AI.
Requirements
- 5+ years of hands-on experience with software development, preferably Python
- 3+ years experience with development on AWS cloud is a must
- Working knowledge of LLMs, NLP, or AI agents in automation contexts, multi-agent orchestration
- Experience with RAG and agentic AI implementation and deployment in enterprise context
- Experience with AI frameworks like LangChain, Pydantic, Langraph
- Knowledge on prompt engineering, context engineering, chunking strategy
- Memory handling and AI evaluations
Responsibilities
- Design and build scalable, intelligent, automation solutions using code to proactively identify, prioritize, and remediate security issues, enhancing the efficiency and effectiveness of security practices.
- Implement automation or AI-powered solutions that integrate with existing business systems to enhance understanding of systems and security considerations.
- Integrate LLMs into developer workflows to assist with secure code reviews and contextual remediation.
- Fine-tune or prompt-engineer models to suggest improvements based on known security patterns, CVE information and internal best practices.
- Use LangChain to build AI agents that automate cybersecurity tasks by integrating LLMs with security tools, logs and threat intelligence sources.
- Use RAG to power LLM-based cybersecurity tools by retrieving relevant data from logs, past incidents, configuration and security documentation to support investigation, incident response and compliance tasks.
- Use LLMs to unify insights from disparate data sources—including logs, asset inventories, threat feeds, business applications, and compliance records—to answer complex security questions with full business and operational context.
Other
- The candidate is an expert in the area of technical analysis, design and penetration testing.
- The candidate will help define the application security program, security policy and standards and will coordinate with engineering partners to ensure the security bar is upheld.
- The candidate will work with multiple and diverse teams across Peloton including, but not limited to Product, Platform, and Ecommerce Engineering, Legal, Enterprise IT Operations and Security Response.
- The ideal candidate is a proven engineering leader that has both exemplary engineering and communication skills.
- Excellent problem-solving skills, with the ability to work independently and handle multiple tasks.
