Staff Information Security Engineer - AI First

Jobgether · US

This position is listed on behalf of a partner company, which manages all applications and next steps. Our partner is looking for a Staff Information Security Engineer – AI First based in the United States.

This is a high-impact, senior security engineering role operating at the intersection of modern cloud security and enterprise AI adoption. You will help define how security is embedded into AI-driven systems, ensuring innovation can move quickly without introducing unmanaged risk. The role sits within a fast-evolving environment where automation, AI tooling, and security engineering converge. You will design and implement scalable guardrails for AI usage across products, platforms, and internal workflows. A strong focus is placed on turning manual security processes into automated, policy-driven systems. You will collaborate closely with engineering, IT, and governance stakeholders to enable secure-by-default architectures. This is a hands-on role for someone who enjoys building, automating, and shaping security strategy in an AI-first organization.

Accountabilities:

  • Act as the connective layer between architectural security intent and real-world implementation, resolving gaps by designing compensating controls and tracking residual risks within structured risk frameworks.
  • Build and enforce preventive, always-on security controls across cloud and enterprise environments using infrastructure-as-code and policy-as-code approaches, including governance for AI tools and model usage.
  • Design and manage identity and access controls across human, non-human, and AI agent identities, ensuring least-privilege access and secure boundaries in collaboration with platform and IT teams.
  • Maintain and evolve the information security risk register, translating emerging threats—especially AI-related risks—into actionable engineering guidance.
  • Lead automation of security operations workflows, including access reviews, evidence collection, alert enrichment, and AI-assisted security agents with controlled human-in-the-loop safeguards.
  • Integrate and enhance security tooling (SIEM, CSPM, SAST/DAST, vulnerability scanners) with LLM-driven intelligence to improve signal quality and response efficiency.
  • Define and enforce security requirements for AI-powered systems, including prompt injection defenses, data handling constraints, output validation, and model access governance.
  • Perform threat modeling for LLM and agent-based systems, identifying novel attack surfaces such as tool misuse, indirect prompt injection, and supply chain vulnerabilities.

Requirements:

  • 5+ years of security engineering experience with strong exposure to AI/ML security domains such as prompt injection, adversarial inputs, model supply chain, and RAG architectures.
  • Hands-on experience leveraging AI tools (e.g., ChatGPT, Copilot, Claude) and LLM frameworks/APIs (OpenAI, Anthropic, LangChain, or similar) to enhance engineering productivity.
  • Deep expertise in identity and access management across modern cloud environments, including governance for non-human and agent-based identities.
  • Strong background in infrastructure-as-code and policy-as-code (e.g., Terraform, OPA/Rego) and automation using Python or similar scripting languages.
  • Proven cloud security expertise (AWS or equivalent), including multi-account governance, preventive guardrails, and secure architecture design.
  • Experience with application security principles (OWASP Top 10 and OWASP LLM/GenAI Top 10), secure SDLC, and structured threat modeling methodologies.
  • Familiarity with security frameworks such as SOC 2 and/or ISO 27001.
  • Strong communication skills with the ability to translate complex technical risks into clear engineering and business guidance.
  • Preferred: experience building AI agents in production, red teaming/AI security research, privacy-by-design (GDPR/CCPA), and security certifications (AWS, CCSK, or similar).

Benefits:

  • Competitive base salary range: $170,000 – $220,000 annually (U.S. market aligned)
  • Annual discretionary bonus of approximately 12% of base salary
  • Comprehensive medical, dental, and vision coverage starting Day 1 with HSA contributions
  • 6% 401(k) employer match
  • Remote-first work environment with flexibility and strong work-life balance support
  • Generous PTO package including paid holidays, sick leave, wellness days, and volunteer day
  • Paid parental leave (12 weeks primary caregiver, 4 weeks secondary caregiver)
  • Life insurance, disability coverage, and additional voluntary insurance options
  • Wellness and mental health support, including access to Calm and Employee Assistance Program
  • Remote work stipend ($65/month) for internet and home office support
  • Career development, tuition assistance, and internal growth opportunities
  • Charitable donation matching up to $250 annually
  • Additional perks including pet insurance, identity theft protection, and legal assistance plans.

Security pay context

Based on 1,588 disclosed Security salaries on RoleSuite, the role pays a median of $142K/year, with most offers between $114K and $180K (10th–90th percentile: $93K–$216K).

This posting lists $170K–$220K, above the $142K market median.
