Customer Security Engineer (API & AI Security)

About Akto

Akto is an enterprise-grade Agentic AI Security platform used by global organizations to discover APIs, continuously test them, and secure AI agents, MCPs, and GenAI applications. Our customers use Akto not for point-in-time reports, but for ongoing security outcomes across APIs and AI systems.

This role is critical to ensuring customers successfully adopt Akto for real-world API security testing and AI red teaming.

Role Overview

We are looking for a hands-on security engineer with a strong pentesting background who wants to move beyond traditional, report-driven penetration testing.

As a Security Engineer – Customer Success, you will own the security testing journey for Akto customers. You will work directly with customer AppSec, DevSecOps, and Platform teams to run API security testing and AI red teaming using Akto, validate findings, explain impact, and help customers improve their security posture over time.

This is a technical, customer-facing role with real ownership of outcomes.

Key Responsibilities

Customer Security Ownership

• Own assigned customer accounts from a security testing and adoption perspective
• Act as the primary security expert for customers using Akto for API security and AI red teaming
• Ensure customers are actively discovering APIs, running tests, and addressing real vulnerabilities

API Security Testing

• Perform hands-on API security testing using Akto:
  • API discovery (including shadow and undocumented APIs)
  • Automated and guided API testing
  • Validation of findings such as IDORs, auth issues, business logic flaws, SSRF, and data exposure
• Go beyond tool output to:
  • Verify findings
  • Explain impact
  • Recommend practical remediation steps

AI Red Teaming & Agent Security

• Run AI red teaming exercises using Akto for:
  • AI agents
  • MCPs
  • GenAI applications and LLM-powered workflows
• Understand and test for AI-specific threats such as:
  • Prompt injection
  • Data leakage and exfiltration
  • Tool misuse and privilege escalation via agents
• Translate AI security risks into actionable insights for customers

Customer Collaboration & Enablement

• Work closely with customer security and engineering teams to:
  • Explain findings clearly
  • Prioritize risks
  • Improve secure development practices
• Join customer calls to walk through results, answer technical questions, and guide next steps

Adoption & Product Feedback

• Proactively identify gaps in product usage or adoption
• Recommend better configurations, additional tests, or expanded use cases
• Provide structured feedback to Product and Engineering teams based on real customer usage

Required Qualifications

• 3+ years of hands-on experience in penetration testing, application security, or API security
• Strong understanding of:
  • API security concepts (REST, auth mechanisms, tokens, roles, rate limits)
  • Common web and API vulnerabilities
  • Business logic and authorization flaws
• Experience testing APIs using tools such as Postman, Burp, or similar
• Ability to validate vulnerabilities and explain risk clearly
• Comfortable working directly with customers in a technical role

Preferred Qualifications

• Experience with API-first security tools or platforms
• Exposure to AI / LLM security, red teaming, or agent-based systems
• Familiarity with OpenAPI / Swagger specifications
• Experience working in a customer-facing or consulting role
• Strong written and verbal communication skills

What Makes This Role Different

• You will own security outcomes, not just generate reports
• You will work on continuous API security and AI red teaming, not point-in-time tests
• You will influence:
  • Customer adoption
  • Product direction
  • Long-term customer success
• You will be at the forefront of API and Agentic AI Security, an emerging and high-impact space

Who Will Succeed in This Role

• A pentester who wants to see vulnerabilities actually fixed
• A security engineer who enjoys working with real production systems
• Someone curious about AI security and excited to learn fast
• A practitioner who values clarity, impact, and ownership