Lead AI AppSec Engineer

About The Position

Requirements

• 8+ years of experience across application security, information security, platform security, DevSecOps, penetration testing, or related security disciplines
• Strong understanding of AI and LLM security risks, including common failure modes and safety considerations
• Experience automating security controls and testing directly within CI/CD pipelines
• Hands-on experience with threat modeling frameworks such as STRIDE and operating in agile environments (Scrum, Kanban)
• Proficiency in at least one programming language such as Python, Java, or .NET
• Strong collaboration and communication skills, with the ability to explain security risks and tradeoffs to stakeholders

Nice To Haves

• Experience with containerized and cloud-native environments (Kubernetes, containers, CI/CD, cloud providers)
• Familiarity with AI platform components such as AI gateways, model orchestration layers, or custom API-based AI workflows
• Awareness of AI and security regulatory frameworks such as NIST AI RMF, MITRE ATLAS, GDPR, or EU AI Act
• Relevant security certifications (CISSP, GIAC, CISA, or similar)

Responsibilities

• Applying application security best practices to AI-enabled applications, services, and workflows
• Identifying and mitigating security risks associated with Large Language Models, AI agents, and supporting platforms
• Embedding automated security checks such as SAST, SCA, and DAST into CI/CD pipelines
• Performing threat modeling using established frameworks and applying those findings in agile delivery environments
• Partnering closely with engineering, platform, and security teams to support secure development practices
• Communicating security risks clearly and effectively to both technical teams and leadership