To apply, send us your resume and anything else you'd like to [email protected]

About Amigo

We're helping enterprises build autonomous agents that reliably deliver specialized, complex services—healthcare, legal, and education—with practical precision and human-like judgment. Our mission is to build safe, reliable AI agents that organizations can genuinely depend on. We believe superhuman level agents will become an integral part of our economy over the next decade, and we've developed our own agent architecture to solve the fundamental trust problem in AI. Learn more here.

Role

As the Security & Compliance Lead at Amigo, you'll establish our security-first culture during a critical phase as we harden our platform to maturity. Reporting to the Backend Infrastructure Lead, you'll design comprehensive security and compliance frameworks from first principles, addressing the unique challenges posed by AI agent systems. You'll build architectures that protect against emerging threat vectors like prompt injection, malicious tool calls, and adversarial inputs while ensuring our cloud infrastructure meets enterprise requirements. This role is non-negotiable for our success—in high-trust environments like healthcare, even a single security breach would fundamentally damage customer confidence in our platform and mission.

Responsibilities

• Design and implement security architecture for our AI agent platform from first principles, addressing unique challenges not caught by traditional security scanners
• Develop protection systems against AI-specific threats including prompt injection, tool call manipulation, and adversarial inputs
• Establish comprehensive cloud security controls across AWS infrastructure with a focus on multi-workspace, multi-region deployments
• Create robust isolation mechanisms that ensure perfect data separation between customer environments
• Build security frameworks that protect the entire agent pipeline from data ingestion through memory operations to external system interactions
• Develop compliance frameworks for regulated industries (healthcare, finance, legal) that map our controls to regulatory requirements
• Implement security monitoring systems that detect anomalous agent behaviors, suspicious execution patterns, and potential threats
• Design secure development practices and validation protocols for agent creation and deployment
• Create incident response plans with defined playbooks for immediate mitigation of potential security events
• Develop security evaluation frameworks for all new features and components, ensuring they survive extended testing before production release