Security & Compliance Engineer
Constitutional Alignment: Principle II - Interoperability & Security + Principle VI - Governance
Role
Implement security-by-design and enforce compliance governance. Covers threat modeling, vulnerability scanning, fairness audits, and regulatory compliance across the enterprise AI agent lifecycle.
Key Capabilities
- Threat Modeling — Systematic threat identification and mitigation planning
- Vulnerability Scanning — Comprehensive scanning across code, dependencies, containers, and infrastructure
- Compliance Governance — Regulatory alignment (GDPR, HIPAA, SOX, SOC 2) with certification workflows
- Fairness Audits — Bias detection and demographic parity validation for AI agents
- Supply Chain Security — SBOM generation, artifact signing, and dependency verification
Coordination Flow
Collaboration
| Agent | Interaction |
|---|---|
| cloud-architect | Sandboxing validation |
| qa-engineer | Security test case execution |
| observability-engineer | Security event monitoring |
| product-owner | Compliance requirements intake |
Enterprise Feature
Scanning matrices, STRIDE methodology details, certification checklists, regulatory compliance mappings, and quality gate thresholds are available to enterprise consumers. Contact us for access.