Senior AI Security Engineer

Arrowstreet Capital, Boston, MA

About The Position

We are seeking a Senior Security Engineer with experience in cloud and AI security to help design, build, and scale security controls that protect our firm’s systems, applications, cloud environments, and data—while enabling developer velocity or end‑user productivity. This role is responsible for strengthening the firm’s security posture through automation, secure platform design, and proactive risk mitigation. A significant focus will be on securing AI/ML platforms and AI‑enabled applications across their full lifecycle, from development through deployment and runtime operations.

Requirements

  • Deep hands-on expertise in Identity and Access Management architecture and implementation across human, workload, service, and AI agent identities, including strong knowledge of IdPs, federation, SSO, OAuth 2.0, OpenID Connect, SAML, SCIM, SPIFFE/SPIRE, workload identity, service accounts, API authentication/authorization, secrets management, least privilege, and policy-based access control.
  • Must be able to design secure IAM architectures and implement them directly across cloud, Kubernetes, on-prem, application, API, and AI-enabled environments.
  • Demonstrated experience governing and scaling NHI lifecycle controls (inventory, ownership, naming standards, issuance, attestation, rotation, break‑glass, decommissioning) and policy enforcement for agentic workloads, including guardrails that limit tool access, data access, and delegation scope per task and environment.
  • Extensive hands-on experience across security engineering, cloud security, application security, and network security
  • Proven ability to secure AI/ML and LLM‑based platforms, including data‑intensive and production systems
  • Strong understanding of AI‑specific threat models (e.g., prompt injection, model misuse, data leakage, insecure outputs)
  • Deep technical foundation in cloud‑native security across AWS and/or Azure, including IAM, network segmentation, secure connectivity, and threat detection
  • Ability to build security controls through code and automation, leveraging scripting, IaC, and CI/CD security practices
  • Strong written and verbal communication skills, with the ability to clearly articulate security risks, tradeoffs, and recommendations to both technical and non‑technical stakeholders
  • Proven ability to collaborate effectively across teams, influencing cloud, platform, and application engineers to embed security seamlessly into delivery workflows

Nice To Haves

  • Experience designing and implementing automated guardrails, monitoring, logging, and detection for AI‑enabled and data‑driven applications
  • Lead identification, assessment, and mitigation of AI‑specific risks, including prompt injection, data leakage, model abuse, insecure output handling, model evasion, and poisoning attacks.

Responsibilities

  • Design and build Identity and Access Management solutions to support AI agent identities, including secure agent authentication, authorization, delegation, credential management, workload identity, tool/API access control, least-privilege enforcement, auditability, and lifecycle management across Windows, Linux, on‑prem infrastructure, cloud, Kubernetes, application, and enterprise environments.
  • Define and operationalize a Non‑Human Identity (NHI) strategy for agentic workflows (agents, tools, service principals, service accounts, bots), including identity issuance and binding to code/runtime, credential rotation and revocation, secrets isolation, step‑up and delegated authorization, just‑in‑time access, and continuous verification to prevent identity sprawl and privilege drift.
  • Implement end‑to‑end identity context propagation for agent runs (who/what/why), ensuring every tool call and downstream action is attributable via signed requests, scoped tokens, tamper‑evident audit logs, and correlation IDs across orchestration layers, APIs, and cloud services.
  • Partner with Platform and Cloud Engineering teams to secure AI/ML systems end‑to‑end.
  • Develop secure execution environments for open‑source software, third‑party tools, and AI agents by leveraging OS‑level, network, IAM, and containerized controls.
  • Build monitoring, logging, and detection capabilities to identify malicious or unintended use of systems, including AI‑enabled applications and agentic workflows.
  • Stay current on emerging AI features and integrations introduced in third‑party tools and platforms, and proactively assess and mitigate associated security risks.
  • Assess and continuously improve security posture across applications, infrastructure, and SDLC processes, including CI/CD pipelines.

Benefits

  • base salaries
  • annual discretionary bonuses
  • robust benefits package