Senior Security & Test Engineer (A2A)
Remote in Republic of Lithuania, Latvia
Security.Testing& 5 others
Looking for something else?
Find a vacancy that works for you. Send us your CV to receive a personalized offer.
Find me a jobChoose an option
We are seeking a Senior Security & Test Engineer (A2A) to own the security, functional and performance test suites for our A2A gateway, focusing on Cedar policy enforcement and agentic AI threat modeling.
Responsibilities
- Own security, functional and performance test suites for the A2A gateway
- Test Cedar policy enforcement correctness across LOG_ONLY and ENFORCE modes
- Conduct trust model gap analysis for non-AgentCore A2A agents
- Validate A2A trust model components including OAuth 2.0, signed Agent Cards and JWT validation
- Enforce token scope requirements across agent communication channels
- Design functional and security test cases for the A2A platform
- Execute performance testing using k6 and Locust
- Verify Cedar policy logic including permit/deny correctness and forbid-overrides-permit rules
- Apply threat modeling practices for agentic AI and LLM systems based on OWASP Top 10 for LLMs
- Identify risks related to excessive agency and tool parameter exfiltration
Requirements
- 3+ years of experience in security engineering or QA
- Expertise in API security testing and performance benchmarking for cloud APIs
- Skills in security test design for AI and agent systems beyond REST APIs
- Background in enforcement mechanism design or implementation
- Proficiency in Python for security test automation
- Knowledge of A2A trust model components (OAuth 2.0, signed Agent Cards, JWT validation)
- English proficiency at B2 level or higher
Nice to have
- Familiarity with multi-agent communication security patterns
- Understanding of trust model gap analysis for non-AgentCore A2A agents
