Security Analyst – MCP & Application

This is a fully remote position, open to applicants in Argentina.

📋 Description

• Take charge of the security measures for the MCP infrastructure by defining and implementing JWT-based authentication, managing secrets, and creating controls for tool usage and agent interactions.

• Detect and address prompt injection vulnerabilities, unauthorized tool usage, and privilege escalation risks within the agentic layer.

• Assess and strengthen AWS infrastructure configurations including IAM policies, VPC rules, secrets exposure, logging, and alerting.

• Manage the client’s existing application security backlog — tackling issues currently addressed on an ad hoc basis by IT and senior developers that require a dedicated, long-term owner.

• Collaborate with the engineering team to review new integrations and MCP components prior to release, establishing a standardized pre-release security review process.

• Record security controls, threat models, and remediation history to enable the client team to operate autonomously over time.

⛳️ Requirements

• Practical experience in application security engineering — with a focus beyond consulting or auditing.

• Proficiency in JWT token validation and API key management in production environments — including scoped access patterns, token lifecycle, and revocation processes.

• Knowledge of authentication and authorization design: OAuth 2.0, API key management, and scoped access patterns in live systems.

• Expertise in secrets management within cloud environments: AWS Secrets Manager, Vault, or similar — demonstrating ownership of the implementation rather than just awareness of their existence.

• Experience in identifying and mitigating prompt injection, tool misuse, and trust boundary vulnerabilities in AI/LLM systems — or a solid foundation in OWASP Top 10 with proven ability to apply it to emerging attack surfaces.

• Ability to function as the sole security representative on a team — capable of raising concerns diplomatically, maintaining technical standards, and prioritizing a backlog without the guidance of a security manager.

• Near-native English proficiency — engaging in daily asynchronous communication with a US-based client team and technical lead.

🏝️ Benefits

• Monthly compensation of $4000 - $5500 — paid in USD, bi-weekly through Deel.

• Working hours aligned with US Eastern Time (EST) — Monday to Friday, 9:00 AM–6:00 PM EST.

• Fully remote position — the flexibility to work from anywhere in Latin America.

• Long-term contract — commencing with an initial 6-month agreement, with opportunities for extension.

• Paid PTO — accrual starts after a 3-month trial period.

• Referral Program — earn bonuses for recommending talent that is successfully hired.