
Staff Information Security Engineer – AI First
Posted Jun 20

This is a fully remote position, open to applicants in Washington.
• Serve as the link between architectural vision and practical execution; resolve conflicts between security needs and practical implementation, suggest compensating controls where deficiencies exist, and assist in documenting, monitoring, and addressing residual risks.
• Establish preventive, default-on security measures across cloud and enterprise settings, formalized as policy- and infrastructure-as-code to ensure security is inherently integrated, including regulations governing the use of AI tools and models.
• Develop and uphold identity and access controls to a defined standard, including access limits for AI systems and non-human identities by collaborating with Platform Engineering and IT to align tools and policies with the architecture.
• Aid in the upkeep of the InfoSec risk register; monitor emerging threats and convert them into actionable recommendations for engineering teams.
• Assist with third-party and vendor risk evaluations, focusing on vendors that handle data through AI pipelines.
• Automate repetitive security processes (evidence gathering, access assessments, alert enhancement) and create or manage AI-assisted security agents — incorporating human-in-the-loop approval gates, least-privilege credentials, and careful consideration of each agent's own blast radius.
• Integrate security tools (SIEM, CSPM, DAST/SAST, vulnerability scanners) with LLM layers to provide actionable insights and automated responses.
• Establish and uphold security standards for AI-driven features: model access controls, prompt-injection defenses, output validation, and data management boundaries.
• Perform threat modeling on agentic and LLM-based systems, considering new attack surfaces such as tool misuse, indirect prompt injection, and supply chain vulnerabilities.
• Over 5 years of security engineering experience with proven expertise in AI/ML security (prompt injection, model supply chain, adversarial inputs, RAG).
• Experience utilizing AI tools (ChatGPT, Copilot, Claude, etc.) and LLM frameworks and APIs (OpenAI, Anthropic, LangChain, or similar) to enhance and streamline your work.
• Practical expertise in identity and access management across contemporary enterprise and cloud identity frameworks, including access models for AI systems and non-human identities.
• Knowledge of infrastructure and policy-as-code (e.g., Terraform, OPA/Rego) and proficiency in a scripting language for automation (Python preferred).
• Expertise in cloud security: AWS Solutions Architect / Security Specialty or equivalent demonstrated knowledge, including multi-account governance, preventive guardrails, and policy-as-code.
• Familiarity with application security (OWASP Top 10 and the OWASP LLM/GenAI Top 10, secure SDLC) and threat modeling methodologies (STRIDE, PASTA, or equivalent).
• Practical experience in building or managing AI agents and integrating security tools (SIEM, CSPM, SAST/DAST/SCA) to provide actionable responses rather than mere alerts.
• Working understanding of SOC 2 and/or ISO 27001 control frameworks.
• Medical, dental, and vision coverage: Affordable health care plans with company HSA contributions, starting from Day 1.
• A 6% 401(k) match.
• Competitive time off package with 20 days of Paid Time Off, 9 Company-Paid holidays, 2 paid floating holidays, 7 paid sick days, 2 Wellness days, and 1 Paid Volunteer Day; after 3 years of service, PTO increases to 22 days, and after 5 years it rises to 25 days.
• 12 weeks of primary caregiver leave and 4 weeks of secondary caregiver leave.
• Accident, critical illness, and hospital indemnity insurance.
• Pet insurance.
• Legal assistance and identity theft insurance plans.
• Life insurance equal to 2x salary.
• Access to the Calm app and the Employee Assistance Program.
• $65/month remote work stipend for internet.
• Culture and team-building activities.
• Tuition assistance.
• Career development opportunities.
• Charitable contribution match of up to $250 per year.