AI AppSec Engineer V

Capital Group•Los Angeles, CA

45d•$142,394 - $293,781

About The Position

As an AI AppSec Engineer, you will work with application teams to ensure the security of custom and procured AI solutions. You will help enable Capital Group’s AI strategy by building and/or procuring solutions to protect a diverse set of enterprise AI platforms being built and deployed at Capital Group. You’ll collaborate with platform engineering, security engineering, and risk teams to ensure their solutions support scalable, secure adoption of AI. Additionally, you’ll be expected to provide mentoring, advising diverse teams across the organization, and promoting AI Security principles across Capital Group. Secure AI Development Lifecycle: You will procure and/or build technical solutions to embed automated security checks into the AI SDLC and ML-Ops. AI Threat Modeling: You will threat model complex Agentic and AI systems and design security requirements collaboratively with developers, architects and business stakeholders Code analysis: You will review code for security vulnerabilities in the context of AI-driven systems Contribute to Standards and Policies: You will provide thought leadership for Information Security policies and standards for AI in collaboration with technology risk AI/Agent SME: You will provide AI/Agent subject matter expertise for AI Incidents and Security Reviews, and help develop incident response playbooks for AI-related security incidents

Requirements

8+ years of experience in information security, application security, platform security, or penetration testing, DevSecOps, network security and other security disciplines
Strong knowledge of security of safety risks of Large Language Models and AI Agents (OWASP for LLM Top 10, etcetera)
5+ Years of experience automating security checks, including SAST, SCA, and DAST, directly into CI/CD pipelines
Extensive experience with STRIDE/other threat modeling frameworks, agile workflows, including Scrum and Kanban
Experienced in at least one programming languages (Python, Java, .NET)
Effectively partner and collaborate with stakeholder teams
Effective communication skills and the ability to outline security risks to leadership

Nice To Haves

Knowledge and experience with technologies including Kubernetes, Containers, CI/CD, and Cloud Service Providers
Familiar with function and purpose of key AI platform components such as AI gateways (Kong, Databricks Mosaic AI Gateway, custom API orchestration), Model Orchestration (Examples LangChain, LlamaIndex, etc.)
Familiar with key AI regulatory frameworks such as NIST AI RMF, MITRE ATLAS, GDPR, EU AI Act, etc
Information Security certifications (CISSP, SANS G

Responsibilities

Work with application teams to ensure the security of custom and procured AI solutions
Enable Capital Group’s AI strategy by building and/or procuring solutions to protect a diverse set of enterprise AI platforms being built and deployed at Capital Group
Collaborate with platform engineering, security engineering, and risk teams to ensure their solutions support scalable, secure adoption of AI
Provide mentoring, advising diverse teams across the organization, and promoting AI Security principles across Capital Group
Procure and/or build technical solutions to embed automated security checks into the AI SDLC and ML-Ops
Threat model complex Agentic and AI systems and design security requirements collaboratively with developers, architects and business stakeholders
Review code for security vulnerabilities in the context of AI-driven systems
Provide thought leadership for Information Security policies and standards for AI in collaboration with technology risk
Provide AI/Agent subject matter expertise for AI Incidents and Security Reviews, and help develop incident response playbooks for AI-related security incidents