Principal Application Security Engineer - AI

Meet the job

As a Principal AI Application Security Engineer you’ll take the lead in a team of security engineers working to ensure we build, maintain and deploy secure software that is used by millions of users around the globe. If you have a hacker mindset, are passionate about security and always looking to extend your knowledge, then this is the place for you.

How about you

In order to really own this role, we think you’ll need:

● Excellent understanding of application security and common application security vulnerabilities;

● Good understanding of LLM and programming languages commonly used in AI development, such as Python;

● Experience in identifying vulnerabilities in LLM and generative AI;

● Excellent understanding of DevOps and cloud native technologies;

● Successful track record in identifying, triaging, and resolving security issues, including both application vulnerabilities and AI-specific threats;

● A background in development in Python and/or Java and a good understanding of the SDLC;

● English language on a professional level, written and spoken.

We’ll be delighted if you bring experience in the following topics but otherwise these would be opportunities for you to grow your knowledge working in the security team:

● Implementing OWASP ASVS/M-ASVS, OWASP AI Exchange;

● Implementing SAST, SCA, IAST and RASP tools in the SDLC;

● Facilitating threat modeling sessions for application and AI systems, identifying risks across traditional and AI-driven platforms;

● Experience in penetration testing for web, mobile and AI applications, with specific focus on assessing model vulnerabilities to adversarial attacks and other AI-specific security concerns;

● Training and guiding developers on application security concepts;

● Relevant regulations such as GDPR and PCI-DSS.