AI AppSec Engineer Lead

About The Position

Requirements

• You have 8+ years of experience in information security, application security, platform security, or penetration testing, DevSecOps, network security and other security disciplines.
• You have strong knowledge of security of safety risks of Large Language Models and AI Agents (OWASP for LLM Top 10, etcetera)
• You have 5+ Years of experience automating security checks, including SAST, SCA, and DAST, directly into CI/CD pipelines
• You have extensive experience with STRIDE/other threat modeling frameworks, agile workflows, including Scrum and Kanban
• You are experienced in at least one programming languages (Python, Java, .NET)
• You can effectively partner and collaborate with stakeholder teams.
• You have effective communication skills and the ability to outline security risks to leadership.

Nice To Haves

• You have knowledge and experience with technologies including Kubernetes, Containers, CI/CD, and Cloud Service Providers
• You are familiar with function and purpose of key AI platform components such as AI gateways (Kong, Databricks Mosaic AI Gateway, custom API orchestration), Model Orchestration (Examples LangChain, LlamaIndex, etc.)
• You are familiar with key AI regulatory frameworks such as NIST AI RMF, MITRE ATLAS, GDPR, EU AI Act, etc
• You have Information Security certifications (CISSP, SANS GIAC, CISA, etc.)

Responsibilities

• Secure AI Development Lifecycle: You will procure and/or build technical solutions to embed automated security checks into the AI SDLC and ML-Ops.
• AI Threat Modeling: You will threat model complex Agentic and AI systems and design security requirements collaboratively with developers, architects and business stakeholders
• Code analysis: You will review code for security vulnerabilities in the context of AI-driven systems
• Contribute to Standards and Policies: You will provide thought leadership for Information Security policies and standards for AI in collaboration with technology risk
• AI/Agent SME: You will provide AI/Agent subject matter expertise for AI Incidents and Security Reviews, and help develop incident response playbooks for AI-related security incidents

Benefits

• competitive salary
• bonuses and benefits
• company-funded retirement contribution
• generous time-away and health benefits from day one, with the opportunity for flexible work options
• 2-for-1 matching gifts for your charitable contributions and the opportunity to secure annual grants for the organizations you love
• on-demand professional development resources
• individual annual performance bonus
• Capital’s annual profitability bonus
• retirement plan where Capital contributes 15% of your eligible earnings