Job Description

R_344651 Senior Staff Engineer – Software Development

At Marsh, we are reimagining how secure software is built in an AI-first world.

You will design and build next-generation security infrastructure powered by LLMs, agentic systems, and advanced program analysis, enabling developers to ship secure software by default.

You will operate as a technical leader and builder, working across the full software lifecycle to create autonomous, scalable, developer-first security systems used across hundreds of applications.

What can you expect?

• Lead the application development within Marsh as a technical expert and mentor
• Drive security excellence through hands-on code reviews, architecture guidance, and technical leadership Create and maintain security-focused boilerplate code, libraries, and frameworks for development teams
• Serve as the technical bridge between security requirements and engineering implementation
• Shape the security posture of applications through deep technical involvement in the development lifecycle

What You’ll Do

AI-Driven Secure Development

• Design and build LLM-powered code review systems that identify vulnerabilities, explain risks, and generate secure patches
• Develop agentic security workflows integrated into CI/CD pipelines for continuous, autonomous security validation
• Build AI-assisted threat modeling systems that derive attack surfaces from architecture and code
• Implement semantic code analysis combining static analysis, symbolic execution, and LLM reasoning

Security Platform Engineering

• Architect and develop security libraries, frameworks, and secure-by-default boilerplates used across engineering teams
• Build self-healing pipelines that detect and remediate vulnerabilities before production
• Create developer-first security tooling, including IDE integrations and AI copilots for secure coding
• Design security knowledge systems (RAG/graph-based) to provide context-aware guidance to developers

Architecture & Technical Leadership

• Lead security architecture reviews for distributed systems, microservices, and cloud-native platforms
• Perform advanced threat modeling and security design for new and existing applications
• Influence system design to ensure security is embedded at the architectural level
• Act as the technical bridge between security and engineering, translating complex requirements into scalable implementations

Advanced Security Engineering

• Apply hybrid analysis techniques, combining:
• Static and dynamic analysis (SAST/DAST/IAST)
• Symbolic execution and formal methods

Formal based reasoning

• Build and maintain automated security validation frameworks
• Integrate security into CI/CD, infrastructure-as-code, and deployment pipelines

AI & LLM Security

• Design and secure AI-native applications, addressing:
• Prompt injection and jailbreak attacks
• Data leakage and model misuse
• Model and supply chain integrity
• Develop guardrails, sandboxing, and policy enforcement for LLM-integrated systems
• Establish best practices for secure integration of AI into enterprise systems

Security Champion & Engineering Leadership

• Serve as a senior technical leader within the Security Champion community
• Mentor engineers and guide teams on secure development practices
• Drive adoption of secure-by-design principles across the organization
• Lead discussions and evolution of application security standards and engineering practices

Standards, Automation & Continuous Improvement

• Establish and enforce secure coding standards through automation and tooling
• Lead vulnerability triage, remediation strategy, and incident response validation
• Ensure alignment with OWASP Top 10, SANS Top 25, CWE, and enterprise policies
• Continuously improve security posture through automation, data, and engineering innovation

What you need to have:

Experience and Qualification

• Bachelor’s degree in computer science, Engineering, or equivalent technical experience
• 7+ years of software development experience with strong engineering fundamentals
• Expert-level proficiency in multiple programming languages (JavaScript/TypeScript, Python, Java, C#, etc.)
• Deep understanding of modern application architectures, microservices, and cloud platforms (Azure, AWS)
• Extensive experience with CI/CD pipelines, DevOps practices, and infrastructure as code
• Advanced knowledge of secure coding practices, common vulnerabilities, and security testing methodologies

Security Specialization

• Advanced expertise in application security principles, practices, and industry standards
• Experience with security testing tools (SAST, DAST, IAST, dependency scanning)
• Deep understanding of authentication, authorization, cryptography, and secure communication protocols
• Knowledge of threat modeling methodologies and security architecture patterns
• Experience with security frameworks and compliance requirements (SOC 2, ISO 27001, NYDFS, etc.)

Leadership & Communication

• Proven track record of leading technical initiatives and mentoring development teams
• Excellent communication skills with ability to influence and educate technical and non-technical audiences
• Experience working in distributed, cross-functional teams across multiple time zones
• Strong problem-solving skills with ability to balance security requirements with business needs

What Sets You Apart:

Technical Excellence

• Experience building platform-level systems used by multiple teams
• Ability to design and implement scalable, developer-centric solutions
• Deep curiosity and ability to quickly adapt to new technologies and paradigms

Innovation & Builder Mindset

• Passion for building AI-powered developer tools and infrastructure
• Experience with automation-first or self-healing systems
• Contributions to open source, research, or technical communities

Impact & Ownership

• Track record of driving security transformation at scale
• Ability to balance security, developer experience, and business impact

R_344651 Senior Staff Engineer – Software Development

At Marsh, we are reimagining how secure software is built in an AI-first world.

You will design and build next-generation security infrastructure powered by LLMs, agentic systems, and advanced program analysis, enabling developers to ship secure software by default.

You will operate as a technical leader and builder, working across the full software lifecycle to create autonomous, scalable, developer-first security systems used across hundreds of applications.

What can you expect?

• Lead the application development within Marsh as a technical expert and mentor
• Drive security excellence through hands-on code reviews, architecture guidance, and technical leadership Create and maintain security-focused boilerplate code, libraries, and frameworks for development teams
• Serve as the technical bridge between security requirements and engineering implementation
• Shape the security posture of applications through deep technical involvement in the development lifecycle

What You’ll Do

AI-Driven Secure Development

• Design and build LLM-powered code review systems that identify vulnerabilities, explain risks, and generate secure patches
• Develop agentic security workflows integrated into CI/CD pipelines for continuous, autonomous security validation
• Build AI-assisted threat modeling systems that derive attack surfaces from architecture and code
• Implement semantic code analysis combining static analysis, symbolic execution, and LLM reasoning

Security Platform Engineering

• Architect and develop security libraries, frameworks, and secure-by-default boilerplates used across engineering teams
• Build self-healing pipelines that detect and remediate vulnerabilities before production
• Create developer-first security tooling, including IDE integrations and AI copilots for secure coding
• Design security knowledge systems (RAG/graph-based) to provide context-aware guidance to developers

Architecture & Technical Leadership

• Lead security architecture reviews for distributed systems, microservices, and cloud-native platforms
• Perform advanced threat modeling and security design for new and existing applications
• Influence system design to ensure security is embedded at the architectural level
• Act as the technical bridge between security and engineering, translating complex requirements into scalable implementations

Advanced Security Engineering

• Apply hybrid analysis techniques, combining:
• Static and dynamic analysis (SAST/DAST/IAST)
• Symbolic execution and formal methods

Formal based reasoning

• Build and maintain automated security validation frameworks
• Integrate security into CI/CD, infrastructure-as-code, and deployment pipelines

AI & LLM Security

• Design and secure AI-native applications, addressing:
• Prompt injection and jailbreak attacks
• Data leakage and model misuse
• Model and supply chain integrity
• Develop guardrails, sandboxing, and policy enforcement for LLM-integrated systems
• Establish best practices for secure integration of AI into enterprise systems

Security Champion & Engineering Leadership

• Serve as a senior technical leader within the Security Champion community
• Mentor engineers and guide teams on secure development practices
• Drive adoption of secure-by-design principles across the organization
• Lead discussions and evolution of application security standards and engineering practices

Standards, Automation & Continuous Improvement

• Establish and enforce secure coding standards through automation and tooling
• Lead vulnerability triage, remediation strategy, and incident response validation
• Ensure alignment with OWASP Top 10, SANS Top 25, CWE, and enterprise policies
• Continuously improve security posture through automation, data, and engineering innovation

What you need to have:

Experience and Qualification

• Bachelor’s degree in computer science, Engineering, or equivalent technical experience
• 7+ years of software development experience with strong engineering fundamentals
• Expert-level proficiency in multiple programming languages (JavaScript/TypeScript, Python, Java, C#, etc.)
• Deep understanding of modern application architectures, microservices, and cloud platforms (Azure, AWS)
• Extensive experience with CI/CD pipelines, DevOps practices, and infrastructure as code
• Advanced knowledge of secure coding practices, common vulnerabilities, and security testing methodologies

Security Specialization

• Advanced expertise in application security principles, practices, and industry standards
• Experience with security testing tools (SAST, DAST, IAST, dependency scanning)
• Deep understanding of authentication, authorization, cryptography, and secure communication protocols
• Knowledge of threat modeling methodologies and security architecture patterns
• Experience with security frameworks and compliance requirements (SOC 2, ISO 27001, NYDFS, etc.)

Leadership & Communication

• Proven track record of leading technical initiatives and mentoring development teams
• Excellent communication skills with ability to influence and educate technical and non-technical audiences
• Experience working in distributed, cross-functional teams across multiple time zones
• Strong problem-solving skills with ability to balance security requirements with business needs

What Sets You Apart:

Technical Excellence

• Experience building platform-level systems used by multiple teams
• Ability to design and implement scalable, developer-centric solutions
• Deep curiosity and ability to quickly adapt to new technologies and paradigms

Innovation & Builder Mindset

• Passion for building AI-powered developer tools and infrastructure
• Experience with automation-first or self-healing systems
• Contributions to open source, research, or technical communities

Impact & Ownership

• Track record of driving security transformation at scale
• Ability to balance security, developer experience, and business impact

At Zensar, we’re “experience-led everything” We are committed to conceptualizing, designing, engineering, marketing, and managing digital solutions and experiences for over 130 leading enterprises. We are a company driven by a bold purpose: Together, we shape experiences for better futures Whether for our clients, our people, or the world around us, this belief powers everything we do. At the heart of our culture is ONE with Client - a set of four core values that reflect who we are and how we work: One Zensar, Nurturing, Empowering, and Client Focus

Part of the $4.8 billion RPG Group, we’re a community of 10,000+ innovators across 30+ global locations, including Milpitas, Seattle, Princeton, Cape Town, London, Zurich, Singapore, and Mexico City. Explore Life at Zensar and join us to Grow. Own. Achieve. Learn. to be the best version of yourself.

We believe the best work happens when individuality is celebrated, growth is encouraged, and well-being is prioritized. We are an equal employment opportunity (EEO) and affirmative action employer, committed to creating an inclusive workplace. All qualified applicants will be considered without regard to race, creed, color, ancestry, religion, sex, national origin, citizenship, age, sexual orientation, gender identity, disability, marital status, family medical leave status, or protected veteran status.