Staff Security Engineer

You will be instrumental in designing, developing, and operationalizing security controls that address the novel risks introduced by autonomous AI agents and generative models. Additionally, you will drive strategic initiatives to leverage LLMs to enhance our secure development lifecycle. Experienced security engineer with 5+ years in application security, DevSecOps, or security tooling, ideally with exposure to AI/ML security challenges. Deep understanding of AI agent architectures, generative AI models, and associated security risks such as prompt injection, adversarial attacks, and autonomous decision-making vulnerabilities. Proven track record implementing security tools and automation (SAST, DAST, SCA, API security scanning) integrated into CI/CD pipelines at scale. Experience with or strong interest in applying LLMs to security use cases, such as code analysis, vulnerability detection, or security documentation. Demonstrated ability to translate security requirements into practical AI applications that enhance the secure development lifecycle. Skilled in threat modeling methodologies and able to adapt traditional frameworks to dynamic AI systems. Proficient in at least one scripting language (e.g. Python) and familiar with multiple programming languages, cloud-native environments and container security. Strong communicator capable of articulating complex AI security concepts to both technical and non-technical stakeholders. Passionate about cybersecurity innovation, with active participation in security communities, conferences, CTFs, bug bounty programs, or CVE submissions preferred. Growth mindset with a proactive approach to learning and problem-solving in fast-evolving technology landscapes. Experience working with Security Architecture patterns and context-aware access control mechanisms. Background in adversarial machine learning or AI robustness testing. Contributions to open source AI security projects or research publications in AI safety/security. Experience building or working with LLM-powered developer tools or security automation. Knowledge of prompt engineering techniques to optimize LLM outputs for security applications. Understanding of the limitations of current LLM technologies and strategies to mitigate false positives/negatives in security contexts. Lead the design and implementation of security architectures specifically tailored for Generative AI and Agentic AI systems, including agentic identity models, least privilege access, runtime guardrails, and audit logging. Develop threat modeling approaches adapted for dynamic, non-deterministic AI agent behaviors, identifying autonomy-related risks such as prompt injection, tool misuse, agent impersonation, and multi-agent system attacks. Build and integrate advanced security tooling and automation to detect, prevent, and respond to AI-specific vulnerabilities across the development lifecycle, including adversarial testing frameworks for AI agents. Spearhead the strategy for integrating LLMs into the secure development lifecycle, including code review automation, vulnerability detection, and security documentation generation. Design and implement AI-powered security tools that can analyze code, identify potential vulnerabilities, and recommend secure coding patterns at scale. Lead proof-of-concept initiatives to demonstrate how generative AI can improve security posture through automated threat modeling, security testing, and developer education. Collaborate closely with product, engineering, and compliance teams to embed secure-by-default configurations and user consent checkpoints for sensitive AI actions involving PII, PHI, or critical business decisions. Drive continuous improvement of AI security posture by researching emerging attack vectors like model poisoning, untrusted code execution, and supply chain risks related to open-source AI frameworks. Mentor and guide other engineers on secure AI development practices and contribute to organizational knowledge sharing around AI risk mitigation strategies.