Senior Security Engineer, Agentic AI

Agentic AI Security Assessments

• Conduct comprehensive application security assessments of agentic AI pipelines, tools, and frameworks
• Examine vulnerabilities in model architectures, guardrails, and deployment infrastructure
• Develop mitigation strategies

Prompt Injection Research & Development

• Develop and share novel prompt injection techniques targeting agentic workflows
• Focus on indirect injection via tool outputs, multi-turn manipulation, and cross-agent exploitation
• Produce actionable attack libraries and defensive countermeasures

Application Security Assessment

• Conduct security assessments of client code bases using static analysis, dynamic testing, and manual code review
• Identify vulnerabilities and develop mitigation strategies at the intersection of application security and Agentic AI security

Threat Modeling

• Conduct threat modeling and risk assessments to proactively identify potential risks
• Develop mitigation strategies for future prevention
• Focus on prompt injection attack surfaces in agentic orchestration layers

Client Engagement

• Work with leading industry teams to review system code and architecture
• Help assure products through system analysis and modeling

AI Policy & Compliance Initiatives

• Develop and contribute to AI regulatory frameworks
• Establish assurance methods and auditing processes for mission-critical AI applications
• Ensure alignment with emerging industry standards and safety requirements

Requirements

• Demonstrated interest and experience in agentic AI security
• Ability to identify and mitigate AI-specific vulnerabilities across complex systems
• Hands-on experience with prompt injection attacks and defenses
• Deep understanding of AI/ML architectures, frameworks (PyTorch, JAX, LangChain, RAG systems), and MLOps practices
• Robust security engineering expertise
• Track record of conducting technical security assessments of software
• Experience with software and system hardening, security policy analysis, and implementing security measures
• Practical experience designing and executing prompt injection workflows against production LLM systems, agentic pipelines, and tool-use environments
• Familiarity with emerging taxonomies and mitigation approaches
• Strong knowledge of multiple programming languages: Rust, Go, Kotlin, Swift, Objective-C, JavaScript/TypeScript, Python, Ruby, C, C++
• Creative and adversarial mindset with passion for discovering novel attack vectors
• Ability to effectively communicate complex security concepts to diverse stakeholders

Compensation & Benefits

• Base salary: $100,000 - $220,000
• Performance-based bonuses
• Fully company-paid health, dental, vision, disability, and life insurance
• 401(k) plan with 5% match
• 20 days paid vacation
• 4 months parental leave
• $1,000 work-from-home stipend
• $750 annual learning & development stipend
• Company-sponsored all-team celebrations
• Philanthropic contribution matching up to $2,000 annually