My Exclusive Client is a leading integration and automation platform built on the .NET stack, empowering businesses to connect systems and streamline operations. We’re committed to building secure, resilient software and are seeking a visionary Head of Security who combines deep engineering expertise with cutting-edge AI-driven security practices.

Role Overview

We are seeking a Head of Security who operates like an ethical hacker and software engineer in equal measure. This is a hands-on, dedicated role focused on proactively finding vulnerabilities, securing operational controls, and building AI-augmented security solutions within our .NET codebase.

You will work primarily at the application layer, identifying attack surface points across the app and broader Microsoft Azure stack, and designing/software-engineering solutions to fix them. You’ll leverage AI effectively—prompting it correctly to detect issues, generate secure code, and automate vulnerability discovery.

This is not a purely managerial role. You will write code, build security tooling, and engineer solutions directly into My Exclusive Client’s platforms.

Key Responsibilities

1. AI-Driven Vulnerability Discovery
- Use AI tools and large language models (LLMs) to systematically scan, analyze, and identify vulnerabilities in our .NET codebase
- Craft precise prompts and develop AI-assisted workflows to detect security flaws, insecure patterns, and logical loopholes
- Build internal AI-powered security scanners and automation tools

2. Ethical Hacking & Code-Level Security
- Act as an ethical hacker within the codebase: perform deep code reviews, penetration testing, and exploit simulation
- Identify security loopholes at the proxy layer, network layer, and infrastructure layer (not just application-level)
- Map and analyze attack surface points across the Microsoft security stack (Azure, Entra ID, Defender, Sentinel, Key Vault, etc.)

3. Solution Engineering
- Build software solutions (tools, patches, hardening frameworks) in .NET to remediate identified vulnerabilities
- Design and implement operational security controls that are sustainable, automated, and measurable
- Engineer secure-by-default patterns into My Exclusive Client’s development lifecycle

4. Operational Controls & Security Strategy
- Maintain and extend compliance certifications (e.g. SOC 2 Type II) by defining and enforcing security operational controls across development, deployment, and runtime environments
- Conduct risk assessments and threat modeling focused on application, API gateways, and Microsoft Azure infrastructure
- Develop incident response playbooks and proactive defense mechanisms

5. Collaboration & Culture
- Work closely with engineering teams to embed security into the SDLC
- Foster a “peaceful,” proactive security culture focused on discovery and prevention rather than blame
- Mentor developers on secure coding practices, AI-augmented security, and .NET security patterns

Required Qualifications

Technical Skills
- 5+ years in security engineering, ethical hacking, or application security
- 3+ years as a software engineer with strong expertise in the .NET stack (C#, ASP.NET Core, Entity Framework)
- Deep hands-on experience with API gateways, reverse proxies, and general network security
- Proven ability to use AI/LLMs for security: prompt engineering, automated code analysis, vulnerability generation/detection
- Experience building security tooling, scanners, or automation frameworks

Certifications (Preferred but not mandatory)
- OSCP, OSCE, or CEH (ethical hacking)
- Microsoft certifications: AZ-500 (Security Engineer), SC-900/200
- CSSLP, CISSP, or CISM (security leadership)

Soft Skills
- Exceptional problem-solver with a calm, methodical, and peaceful mindset
- Strong communication skills to translate technical risks into actionable engineering tasks
- Self-starter who thrives in autonomy and takes ownership of security outcomes

What You’ll Build
- Detect and patch application-layer vulns, working with the R & D team
- Develop, test and review appropriate configuration for infrastructure
- Custom security tooling integrating AI prompts, .NET code analysis, and Microsoft stack hardening
- A proactive security culture where vulnerability discovery is celebrated, not punished

What We Offer
- A dedicated, focused role with minimal bureaucracy and maximum impact
- Opportunity to pioneer AI-driven security engineering in a real-world .NET platform
- Competitive salary + benefits
- Continuous learning budget (confidence in AI, security conferences, certifications)
- Trust-based culture focused on building and preventing, not reacting

Head Of Security
CHOSEN ONLINE PTY LTD
Cape Town, Cape Town
Published 11 days ago