Security Engineer II, StoreSec Application Security

About The Position

Requirements

• 3+ years of programming in Python, Ruby, Go, Swift, Java, .Net, C++ or similar object oriented language experience
• Bachelor's degree in a STEM field (Science, Technology, Engineering, Mathematics), or experience in IT Security
• Experience with AI/ML technologies
• Experience applying threat modeling or other risk identification techniques or equivalent
• Knowledge of common AI security risks (prompt injection, data poisoning, model extraction, insecure tool use)

Nice To Haves

• Experience with programming languages such as Python, Java, C++
• Experience with AWS or cloud technologies
• 2+ years of any combination of: AI security, threat modeling, secure coding, identity management and authentication, software development, cryptography, or application security
• Experience with security testing of LLM-based applications or performing security activities across the SDLC (security design review, threat modeling, secure code review, security testing)
• Familiarity with HIPAA compliance requirements for healthcare data

Responsibilities

• Define and drive implementation of proactive security controls for AHS AI applications including GenAI chatbots, agentic systems, and LLM-powered tools
• Develop and implement security controls for the AI-SDLC, ensuring AHS builders build secure AI applications by default
• Assess and drive mitigation of AI-specific security risks including prompt injection, model abuse, data exfiltration, and unauthorized tool invocation at scale
• Build and/or drive adoption of AI-powered security tooling (e.g., automated threat modeling, code scanning, security test generation) to scale security across AHS
• Drive adoption of AI security guardrails, testing frameworks, and monitoring across AHS GenAI applications
• Collaborate with AHS builder teams to integrate security guidance into AI development workflows, reducing late-stage security findings
• Develop and maintain security documentation including AI threat models, risk assessments, and secure AI development guidelines
• Support security incident investigations related to AI systems, including prompt injection attacks and model misuse

Benefits

• sign-on payments
• restricted stock units (RSUs)
• health insurance (medical, dental, vision, prescription, Basic Life & AD&D insurance and option for Supplemental life plans, EAP, Mental Health Support, Medical Advice Line, Flexible Spending Accounts, Adoption and Surrogacy Reimbursement coverage)
• 401(k) matching
• paid time off
• parental leave