AI AppSec Engineer V
About The Position
As an AI AppSec Engineer, you will work with application teams to ensure the security of custom and procured AI solutions. You will help enable Capital Group's AI strategy by building and/or procuring solutions to protect a diverse set of enterprise AI platforms being built and deployed at Capital Group. You'll collaborate with platform engineering, security engineering, and risk teams to ensure their solutions support scalable, secure adoption of AI. Additionally, you'll be expected to provide mentoring, advising diverse teams across the organization, and promoting AI Security principles across Capital Group.
Requirements
- You have 8+ years of experience in information security, application security, platform security, or penetration testing, DevSecOps, network security and other security disciplines.
- You have strong knowledge of security of safety risks of Large Language Models and AI Agents (OWASP for LLM Top 10, etcetera)
- You have 5+ Years of experience automating security checks, including SAST, SCA, and DAST, directly into CI/CD pipelines
- You have extensive experience with STRIDE/other threat modeling frameworks, agile workflows, including Scrum and Kanban
- You are experienced in at least one programming languages (Python, Java, .NET)
- You can effectively partner and collaborate with stakeholder teams.
- You have effective communication skills and the ability to outline security risks to leadership.
Nice To Haves
- You have knowledge and experience with technologies including Kubernetes, Containers, CI/CD, and Cloud Service Providers
- You are familiar with function and purpose of key AI platform components such as AI gateways (Kong, Databricks Mosaic AI Gateway, custom API orchestration), Model Orchestration (Examples LangChain, LlamaIndex, etc.)
- You are familiar with key AI regulatory frameworks such as NIST AI RMF, MITRE ATLAS, GDPR, EU AI Act, etc
- You have Information Security certifications (CISSP, SANS G
Responsibilities
- Secure AI Development Lifecycle: You will procure and/or build technical solutions to embed automated security checks into the AI SDLC and ML-Ops.
- AI Threat Modeling: You will threat model complex Agentic and AI systems and design security requirements collaboratively with developers, architects and business stakeholders
- Code analysis: You will review code for security vulnerabilities in the context of AI-driven systems
- Contribute to Standards and Policies: You will provide thought leadership for Information Security policies and standards for AI in collaboration with technology risk
- AI/Agent SME: You will provide AI/Agent subject matter expertise for AI Incidents and Security Reviews, and help develop incident response playbooks for AI-related security incidents
Benefits
- In addition to a highly competitive base salary, per plan guidelines, restrictions and vesting requirements, you also will be eligible for an individual annual performance bonus, plus Capital's annual profitability bonus plus a retirement plan where Capital contributes 15% of your eligible earnings.
Stand Out From the Crowd
Upload your resume and get instant feedback on how well it matches this job.
What This Job Offers
Job Type
Full-time
Career Level
Senior
Industry
Securities, Commodity Contracts, and Other Financial Investments and Related Activities
Education Level
No Education Listed
