Senior Software Engineer (Security experience)

Complexio's Foundational AI works to automate business activities by ingesting whole company data – both structured and unstructured – and making sense of it. Using proprietary models and algorithms Complexio forms a deep understanding of how humans are interacting and using it. Automation can then replicate and improve these actions independently.

Complexio is a joint venture between Hafnia and Símbolo, in partnership with Marfin Management, C Transport Maritime, Trans Sea Transport and BW Epic Kosan.

We're seeking an exceptional security developer to join our efforts in implementing a sophisticated privacy-preserving access control framework across our autonomous business process automation platform.

You will need strong Python development experience as you will be building a custom encryption service within a micro-services architecture. The scope covers secure service development, OAuth integrations, and identity provider connections.

• Design and implement a comprehensive data privacy and access control architecture that addresses multi-dimensional classification, dynamic permissions, and information barriers
• Focus on privacy-preserving access controls and coordinate with cross-functional teams including data ingestion, knowledge mapping, and automation developers
• Develop and enforce security and privacy standards, policies, and best practices throughout the product development lifecycle

• Architect a multi-layered access control model combining Role-Based Access Control (RBAC), Attribute-Based Access Control (ABAC), and purpose-based limitations
• Oversee implementation of fine-grained data classification frameworks using NLP and other technologies
• Design and validate permission propagation mechanisms for graph data models and derived insights
• Establish security boundaries for autonomous AI agents, ensuring proper context isolation and privilege controls

• Work closely with engineering teams to integrate privacy controls into the data pipeline, knowledge graph, and AI components
• Collaborate with product management to balance privacy requirements with usability and functionality
• Coordinate with customer success to address client-specific privacy and compliance needs
• Influence and guide development teams to prioritize privacy-by-design principles

• 5+ years of experience in information security, data privacy, or access control systems
• Proven track record designing and implementing complex security architectures
• Strong knowledge of modern authorization frameworks, RBAC / ABAC systems, and data classification methodologies
• Experience leading teams and influencing cross-functional stakeholders
• Technical background with understanding of databases, APIs, and enterprise software architecture

• Knowledge of AI / ML systems and the unique privacy challenges they present
• Understanding of data privacy regulations (GDPR, CCPA) and their technical implementation requirements
• Familiarity with LLMs and the privacy implications of their use in enterprise contexts
• Understanding of vector databases and embedding-based systems
• Experience in regulated industries (finance, healthcare, legal) with complex information barrier requirements
• Background in data lineage and provenance tracking systems
• Experience with graph databases (particularly Neo4j) and their security models
• Security certifications such as CISSP, CIPT, or CIPP / E

• Experience building encryption systems (e.g. using AES, RSA, and key management services)
• Hands-on development with OAuth 2.0, OpenID Connect, JWT validation, and RBAC / ABAC systems
• Building secure REST / GraphQL APIs with middleware for authentication, rate limiting, and input validation
• Implementing access controls, query filtering, and audit logging for SQL and NoSQL databases
• Securing pub / sub systems with encryption, authentication, and access controls

• Python (async / await, cryptography libraries, FastAPI)
• Container security (Docker, Kubernetes secrets, network policies)
• Identity providers (Microsoft EntraID, Okta, Auth0 integration)
• Database systems (PostgreSQL, Redis, experience with graph databases preferred)
• Cloud security (AWS / Azure IAM, KMS, security groups)

• Built production encryption / decryption systems handling sensitive data at scale
• Implemented fine-grained permission systems beyond simple role-based access
• Developed secure multi-tenant applications with data isolation between customers
• Created audit logging and compliance reporting for regulated environments
• Integrated with enterprise identity systems in complex organizational structures

• Work with a groundbreaking AI platform solving real enterprise pain points
• Help clients achieve measurable ROI through next-gen automation
• Join a remote-first, globally distributed team backed by industry leaders
• Shape the success function and influence product direction in a fast-scaling AI company