Senior Security Engineer, AI Model and Application

About The Position

Requirements

• Bachelor's degree in Computer Science, Information Security, Engineering, or a related field with 7+ years of relevant experience is required.
• 5+ years of experience in application security, product security, or offensive security, including hands-on threat modeling and secure design for complex systems, is required.
• Practical, demonstrated experience assessing or attacking AI/ML or LLM systems (e.g., prompt injection, model abuse, data exfiltration via LLMs, or adversarial examples) is required.
• Excellent interpersonal skills and ability to work effectively in a cross-functional team environment spanning security, ML, and product disciplines.
• Excellent technical writing, communication, and organizational skills, with the ability to translate complex security risks into clear trade-offs and actionable requirements for non-security stakeholders.
• Strong proficiency in Python and familiarity with modern ML/LLM frameworks (e.g., LangChain, LlamaIndex, Hugging Face, OpenAI API).
• Solid understanding of common web and API security vulnerabilities (OWASP, authentication and authorization, rate limiting, abuse prevention) and how they manifest in AI-powered applications and agents.
• Strong knowledge of AI-specific threat frameworks including NIST AI RMF, OWASP LLM Top 10, and MITRE ATLAS.
• Strong data analytics skills with experience integrating AI telemetry into security monitoring and detection workflows.
• Strong leadership skills with the ability to drive security initiatives independently and mentor junior team members.

Nice To Haves

• Experience working within or alongside regulated industries with compliance obligations (e.g., NIST AI RMF, SOC 2, ISO 27001) is preferred.
• Experience with RAG pipelines, vector databases, or agent frameworks and their associated security risks is preferred.

Responsibilities

• Design, implementation, and maintenance of security controls across the full AI/ML lifecycle, including training data validation, model registry policies, deployment guardrails, and production monitoring for anomalous model behavior.
• Develop and maintain comprehensive threat models for AI/ML systems, covering prompt injection, data leakage, model evasion and extraction, data poisoning, and agent hijacking scenarios.
• Lead red teaming and adversarial testing of LLMs and agentic workflows — including jailbreak attempts, prompt injection, output manipulation, and business logic abuse — and drive remediation with engineering teams.
• Partner with ML engineers to embed security into model development pipelines, including secure training, evaluation, and deployment processes, as well as secure use of RAG architecture, tooling integrations, and multi-agent workflows.
• Implement and define policies for safe prompt and response handling, including PII and sensitive content detection, output filtering, and usage logging to support investigations and compliance requirements.
• Work with security engineering to integrate AI telemetry into SIEM, EDR, and SOC workflows; define and maintain runbooks for AI-related security incidents and forensic investigations.
• Lead the creation, modification, and maintenance of AI security documentation, including threat model reports, security specification documents, SOPs, data flow diagrams, and network topology documentation.
• Stay current on AI-specific attack techniques, emerging tooling, and relevant frameworks (NIST AI RMF, OWASP LLM Top 10, MITRE ATLAS, secure AI development guidelines) and translate findings into internal standards and controls.
• Consult and collaborate with cross-functional SMEs across ML, Product, Platform Engineering, Legal, and Compliance to influence security design decisions and ensure operability and technical feasibility.
• Provide technical mentoring and oversight to less experienced security engineers responding to and investigating AI-related security issues.
• Create, edit, and adhere to Standard Operating Procedures (SOPs), security playbooks, and standardized documentation templates.
• Perform ad-hoc and cross-functional projects assigned to support business needs and provide developmental opportunities.

Benefits

• Medical, Dental and Vision Plan Options
• Health and Financial Wellness Programs
• Employer Assistance Program (EAP)
• Company Paid and Voluntary Life/AD&D, Short-Term and Long-Term Disability
• Healthcare and Dependent Care Flexible Spending Accounts
• 401(k) Retirement Plan with Company Match
• 529 Education Savings Program
• Voluntary Legal Services, Identity Theft Protection, Pet Insurance and Employee Discounts, Rewards and Perks
• Paid Time Off (PTO) includes: 11 Holidays
• Exempt Employees are eligible for Unlimited PTO
• Non-Exempt Employees are eligible for 10 Vacation Days, 56 Hours of Health Pay, 2 Personal Days and 1 Cultural Day