AI Security Engineer
Мэтч & Сопровод
Для мэтча с этой вакансией нужен Plus
Описание вакансии
TL;DR
AI Security Engineer (AI/LLM Security): Strengthen the security of AI-enabled products, internal AI tools, and agentic AI infrastructure across the AI lifecycle with an accent on identifying, assessing, and reducing AI-specific risks. Focus on building scalable AI security controls, detection logic, and governance-aligned safeguards while improving defenses against prompt injection, jailbreaking, RAG data poisoning, and data leakage.
Location: Hybrid (Denver, CO) — in office at least 3 days/week
Salary: $150,000–$178,000 USD
Company
builds legal technology solutions and advances AI across its products and internal platforms.
What you will do
- Identify, assess, and reduce risks across the AI lifecycle for AI-enabled products, internal tools, and agentic AI infrastructure.
- Partner with Product, Engineering, GRC, IT, and Security to guide AI adoption, vendor/model integrations, data handling, and acceptable use.
- Defend against AI-specific threats such as prompt injection, jailbreaking, insecure outputs, RAG data poisoning, model abuse, data leakage, and indirect context manipulation.
- Improve security for LLM-connected application surfaces, including MCP server integrations, agent workflows, tool-call authorization boundaries, and SaaS interconnects.
- Build and maintain AI security controls, tooling, testing pipelines, detection logic, playbooks, and documentation to continuously validate AI behavior.
- Extend identity governance and secrets management to AI agents and non-human identities, including access scoping, credential lifecycle, inventory, deprovisioning, and audit logging.
Requirements
- 3–6 years of cybersecurity experience, including 1–2 years focused on AI/ML security, application security, or a related combination in a cloud-native SaaS or enterprise software environment.
- Working knowledge of LLM security risks and mitigations, including OWASP LLM Top 10 concepts (prompt injection, insecure output handling, RAG poisoning, DoS, and sensitive information disclosure).
- Hands-on application security fundamentals: threat modeling, SAST/DAST, API security, secrets management, secure SDLC, and CI/CD pipeline security.
- Technical proficiency with scripting/automation and AI/ML security tooling and platforms (e.g., LangChain, RAG pipelines, vector databases, Azure OpenAI, Amazon Bedrock).
- Experience securing Azure and/or AWS environments, including IAM, network segmentation, containers, Kubernetes, infrastructure-as-code scanning, and cloud-hosted AI workloads.
- Strong communication and analytical skills to explain complex AI security risks to technical and non-technical audiences and drive remediation independently.
Nice to have
- Certifications such as CAISP, CISSP, CEH, GPEN, or AWS/Azure security specialties.
- Experience with AI red teaming/adversarial ML testing tools (e.g., Garak, PyRIT, Counterfit) and/or AI bug bounty programs.
- Familiarity with AI governance frameworks and standards (e.g., ISO 42001, NIST AI RMF, EU AI Act, SOC 2 Type II, ISO 27001).
- Experience in B2B SaaS and regulated legal technology environments, including security reviews, RFP responses, due diligence questionnaires, or security-focused sales support.
Culture & Benefits
- Hybrid work in Denver with expectations to be in office at least 3 days per week.
- Collaborative team culture focused on integrity and support.
- Company bonus plan eligibility and comprehensive benefits package (medical, dental, vision, 401(k) with company match).
- Opportunity for growth through stretch assignments, visibility, and career development.
- Work at the intersection of legal technology and cutting-edge AI.
Hiring process
- Interviews to evaluate AI security expertise, application security fundamentals, and ability to communicate risks and drive remediation.
- Discussions to align on AI governance/security expectations and practical experience with cloud and AI security controls.
Будьте осторожны: если работодатель просит войти в их систему, используя iCloud/Google, прислать код/пароль, запустить код/ПО, не делайте этого - это мошенники. Обязательно жмите "Пожаловаться" или пишите в поддержку. Подробнее в гайде →