AI Security Engineer focusing on adversarial machine learning and enterprise security architecture. Leading red team engagements and translating technical risk into governance frameworks.
About the role
- Senior Security Engineer leading security initiatives to protect customer data at an AI-native legal tech company. Collaborating across functions to ensure compliance and security best practices.
Responsibilities
- Identify and address security risks through comprehensive assessments, mitigation strategies, and execution.
- Ensure secure coding and implement systems to protect against unauthorized access and data breaches.
- Develop and execute incident response plans, conduct forensic analysis, and take preventive measures.
- Maintain compliance with regulations and industry standards, promote transparency, and address ethical concerns.
- Establish real-time monitoring systems, conduct regular assessments, and proactively respond to threats.
- Evaluate and secure third-party integrations to prevent vulnerabilities.
- Educate and raise awareness for security best practices across the engineering team.
- Maintain up-to-date documentation on protocols, incidents, and improvements; report regularly to stakeholders.
Requirements
- 5+ years in a security-focused engineering role, with hands-on technical architecture, implementation, and oversight experience.
- Proven security experience at a startup or high-growth company - you've built or scaled a security function before, not just maintained one.
- Expertise in SAST/DAST, application security, and CI/CD pipeline integration.
- Deep knowledge of AI-specific threats (prompt injection, model poisoning, membership inference, adversarial perturbation, output manipulation).
- Experience implementing security principles, operating system and web application security, and familiarity with the OWASP Top 10 and common threat tactics.
- Knowledge of next-generation security technologies (SASE, CASB, RASP).
- Hands-on experience with patch management, software supply chain security, and artifact repositories (e.g., JFrog, Snyk).
- Strong programming or scripting skills in at least one language (e.g., Python, Ruby, Node.js).
- Relevant cybersecurity certification (CISSP, CISM, CISA, CRISC, GIAC, etc.).
- Up-to-date on technology and vulnerability trends; ability to secure cloud computing applications and ecosystems.
- Application/infrastructure-level security design experience, including modern mitigation techniques (e.g., DNS-SEC, cryptographic fundamentals).
- Strong automation skills with Python.
Benefits
- Choice of medical, dental, and vision insurance plans for you and your family.
- Additional insurance coverage options for life, accident, or critical illness.
- Flexible paid time off, sick leave, short-term and long-term disability.
- 10 US observed holidays, and Canadian statutory holidays by province.
- A home office stipend.
- 401(k) for US-based employees and RRSP for Canada-based employees.
- Paid parental leave.
- A local in-person meet-up program.
- Hubs in San Francisco and Toronto.
Job title
Job type
Experience level
Salary
Degree requirement
Tech skills
Location requirements
AI Security Architect leading adversarial testing for enterprise AI products, integrating security findings into governance frameworks. Collaborating with engineering and compliance functions in a hybrid work environment.
Leading GRC & IT Security Consulting at Orange Cyberdefense in Zürich. Drive business growth and manage client relationships while leading a technical consulting team.
Senior Endpoint Security Engineer at Metric5 managing CrowdStrike Falcon deployment for Department of Treasury. Overseeing sensors rollout and resolving high - tier architectural issues in diverse IT environments.
Cybersecurity Sales Specialist responsible for driving sales across Fortune 250 accounts. Engage with C - suite leaders to enhance cybersecurity solutions and strategies across global enterprises.
Sales Specialist for Data Security driving growth in Public Sector and MidMarket teams at Proofpoint. Partnering with core sales reps and delivering value in Data Security portfolio.
Principal Product and Process Security Certification Expert at NXP driving security evaluation and certification for embedded products. Responsible for compliance with cybersecurity standards and certifications in emerging markets.
Physical Security Technology Manager responsible for administering and optimizing security technology platforms at Dominium. Engaging in multiple locations to enhance system performance and reliability.
Junior Consultant in Cyber Security at MKS4U IT - Beratungs GmbH providing security assessments and client consulting. Focused on developing and implementing security strategies within a hybrid working environment.
Teamlead for IT Perimeter Security Engineering at Axians Switzerland, leading a security team and managing client consultations. Engaging in technical engineering of security solutions while fostering team development.