Plus
Включить Plus
Назад
Company hidden
17 часов назад

Application Security Engineer (AI)

Формат работы
onsite
Тип работы
fulltime
Грейд
senior
Английский
b2
Страна
US
Вакансия из списка Hirify.GlobalВакансия из Hirify Global, списка международных tech-компаний
Для мэтча и отклика нужен Plus

Мэтч & Сопровод

Для мэтча с этой вакансией нужен Plus

Описание вакансии

Текст:
/

TL;DR

Application Security Engineer (AI): Designing and implementing security measures for a real-time AI observability platform with an accent on LLM-native attack surfaces, including prompt injection and agent sandbox escapes. Focus on building secure-by-default libraries, performing deep code reviews across multiple languages, and scaling security workflows using agentic coding tools.

Location: On-site in San Francisco, New York City, or Seattle

Company

hirify.global is an AI observability platform that provides builders with visibility to understand and improve AI behavior in production by connecting evals and observability in one workflow.

What you will do

  • Drive secure design by leading threat models for new features and partnering with engineers to ensure features are secure by default.
  • Perform security code reviews across TypeScript, Python, and Go services and open-source tracing libraries.
  • Build "paved road" security primitives, including authn/authz, RBAC, tenancy isolation, and sandboxed code execution.
  • Own and optimize SAST, DAST, SCA, and secret-scanning tooling to maintain high signal-to-noise ratios.
  • Manage the vulnerability management program and triage external bug bounty reports with durable fixes.
  • Lead AI-specific security work targeting prompt injection, model proxy abuse, and data-exfiltration in multimodal pipelines.

Requirements

  • 5+ years of experience in application security, product security, or security-focused backend engineering.
  • Strong proficiency in at least two of: TypeScript/Node.js, Python, Go, or Rust.
  • Deep knowledge of web and API vulnerability classes and architectural patterns that prevent them.
  • Track record of building secure-by-default libraries or frameworks adopted by other engineers.
  • Experience with multi-tenant data isolation, secrets/key management, and AWS infrastructure.
  • Must be based in or able to work on-site in San Francisco, New York City, or Seattle.

Nice to have

  • Prior experience with LLM red-teaming or agent sandbox research.
  • Experience shipping security-focused open-source libraries.

Culture & Benefits

  • Comprehensive medical, dental, and vision insurance.
  • Daily lunch, snacks, and beverages provided.
  • Flexible time off.
  • Competitive salary and equity.
  • Dedicated AI stipend.

Будьте осторожны: если работодатель просит войти в их систему, используя iCloud/Google, прислать код/пароль, запустить код/ПО, не делайте этого - это мошенники. Обязательно жмите "Пожаловаться" или пишите в поддержку. Подробнее в гайде →