Senior AI Software Engineer

Benefits

Additional Information

You have a clear vision of where your career can go. And we have the leadership to help you get there. At CNA, we strive to create a culture in which people know they matter and are part of something important, ensuring the abilities of all employees are used to their fullest potential. Senior individual contributor on the Developer Experience (DevX) platform team, responsible for designing, building, and operating an AI-native software delivery platform across five capability domains: FeedBack (AI intelligence, observability, DORA metrics), Enterprise Enablement (Internal Developer Portal, golden-path onboarding), Build & Delivery (CI/CD/CT, GitHub Actions, ArgoCD, Harness), Safety / Application Security (Veracode, SonarCloud, JFrog Xray, supply-chain security), and App Accelerator (container base images, dev containers, starter app templates). Leads the development of AI agentic SDLC workflows - autonomous and human-in-the-loop agents that accelerate code generation, PR review, test authoring, vulnerability remediation, and deployment across engineering teams - in direct support of the platform's north-star goal of taking a developer from template selection to a running pre-production application in 10 minutes or less. Acts as a force multiplier for DevX, partnering with platform, security, container, and product engineering to embed AI assistance into every stage of the SDLC. JOB DESCRIPTION: Essential Duties & Responsibilities Performs a combination of duties in accordance with departmental guidelines: Own and evolve the Internal Developer Platform (Harness IDP) - self-service catalog, scaffolding templates, and golden-path workflows targeting the platform's north-star goal: developer selects a template and has an application deployed to pre-production in 10 minutes or less. Architect and own CI/CD/CT pipelines on GitHub Actions, ArgoCD , and Harness across the Build & Delivery domain ; design for reliability, security, and progressive delivery - able to design and operate end-to-end, not just configure. Design and build AI agentic SDLC workflows: event-driven agents that autonomously perform code generation, PR review, test authoring, Veracode vulnerability auto-remediation, SonarCloud gate enforcement, and release orchestration across the delivery pipeline. Implement evaluation frameworks for agentic systems ( Arize , Phoenix, or equivalent) - define ground truth datasets, regression suites, guardrails, and online/offline evals to ensure AI agents operating inside the SDLC remain safe, accurate , and auditable. Drive supply-chain security inside the Application Security domain: integrate SBOM generation ( JFrog Xray, Syft , or Anchore ) into delivery pipelines, contribute to the Binary Authorization and container image hardening initiative for Kubernetes workloads, and design automated policy gates and remediation flows. Contribute to the App Accelerator domain - maintain and evolve container base images, dev container definitions, and starter app templates so that golden-path scaffolded applications are current, secure, and ready for AI-assisted development from day one. Operate feature flag and progressive-delivery platforms ( LaunchDarkly , Unleash, GCP-native, or equivalent); design kill-switches, canary patterns, and safe rollout strategies that protect production while enabling continuous delivery. Embed observability (Datadog, Dynatrace, Elastic, or equivalent) into platform services and delivery pipelines across the FeedBack domain; own DORA metric instrumentation (deployment frequency, lead time, change failure rate, MTTR) and Application Health dashboards used to measure engineering performance. Champion adoption of AI coding assistants (Claude Code, Cursor, GitHub Copilot) in an AI-native SDLC; build the guardrails, prompt patterns, and developer workflows that make AI-assisted development repeatable and safe at enterprise scale; contribute to the Code Quality as a Service offering alongside Veracode and SonarCloud . Mentor engineers across the DevX and App Accelerator teams; act as a technical consultant for platform adoption, agentic AI patterns, and delivery best practices. Partner with security, infrastructure, architecture, and product engineering counterparts on platform direction, roadmap, and architectural standards; represent DevX in cross-team initiatives spanning container governance, GitHub security controls, and CI/CD policy. May perform additional duties as assigned. Reporting Relationship Typically Director or above Skills, Knowledge & Abilities Required 7+ years in platform engineering with deep CI/CD pipeline ownership in a regulated, enterprise-scale environment (insurance, financial services, or equivalent). Hands-on with GitHub Actions, ArgoCD , Harness, or comparable CD platforms - able to design and operate end-to-end, not just configure. Proficient using AI coding tools (Claude Code, Cursor, GitHub Copilot, or equivalent) in an AI-native SDLC workfl