Senior AI Security Engineer
Employment Information
Report this job
Job expired or something wrong with this job?
Job Description
Senior AI Security Engineer designing safeguards for internal AI usage at Backblaze. Focused on agentic systems, developer protection, and runtime security.
Responsibilities:
- Architect and implement guardrails for tool-using AI systems, including:
- Tool access controls and allowlists
- Context and memory isolation
- Step-level validation of agent actions
- Apply mitigations aligned to the OWASP Agentic AI Top 10 (e.g., prompt injection, unsafe tool use, data leakage, excessive autonomy)
- Build enforcement mechanisms that govern AI behavior at execution time:
- Interceptors, proxies, or middleware for tool/API calls
- Policy decision and enforcement layers
- Rate limits, execution bounds, and kill-switches
- Design and implement identity and access controls for agents and automation, including:
- Short-lived credentials and scoped permissions
- Clear separation between human and non-human access
- Strong binding of identity to task context and execution
- Ensure all AI actions are attributable and auditable
- Implement logging and tracing for AI activity:
- Prompts, tool usage, and decision flows
- Build detection capabilities using:
- Behavioral baselining and anomaly detection techniques
- Identify and alert on:
- Abnormal tool usage
- Suspicious prompt patterns
- Unexpected data access
- Perform agentic system threat modeling using MAESTRO, including:
- Mapping agent capabilities, trust boundaries, and attack paths
- Modeling misuse and adversarial scenarios
- Translate findings into practical safeguards and detection logic
- Protect developers using AI tools by:
- Preventing sensitive data exposure
- Validating AI-generated code and actions
- Constraining unsafe automation
Requirements:
- 7+ years in security engineering or backend systems
- Proven experience designing and deploying security controls, such as:
- Runtime enforcement layers (proxies, middleware, policy engines)
- Identity and access systems, especially for non-human entities
- Strong programming skills (Python preferred; Go, Java, or TypeScript a plus)
- Experience using AI-assisted development tools such as Claude Code in real workflows, including understanding associated security risks and safeguards
- Experience with:
- Logging, monitoring, and detection systems
- Building or securing API/service interactions
- Practical familiarity with:
- Agentic AI systems or tool-integrated LLM workflows
- OWASP guidance for AI/agent risks.
Benefits:
- Health insurance
- 401(k) matching
- Flexible work hours
- Paid time off
- Remote work options
Similar Jobs
Staff Security Engineer – Proactive Security
Staff Security Engineer at DoorDash leading threat modeling and security operations for product and cloud domains. Collaborating with teams to ensure secure infrastructure and services.
Enterprise Security Engineer
Enterprise Security Engineer at DoorDash protecting workforce through security controls and automation. Collaborating across DoorDash, Wolt, and Deliveroo to enhance security systems.
Senior Account Manager – BMS/Fire/Security/SaaS
Senior Account Manager responsible for managing key customer accounts and driving sales growth at Honeywell. Foster client relationships to deliver tailored solutions while collaborating with internal teams.
Senior Manager, Workday Security
Workday Security Senior Manager overseeing Workday security architecture and compliance for Fortrea. Collaborating with HR, Finance, IT, and Compliance teams to safeguard sensitive data access.
Senior Splunk Technical Account Manager – Cybersecurity
Senior Splunk Technical Account Manager driving security objectives through Splunk platform optimization. Cultivating partnerships and enhancing customer satisfaction.
Security Consultant – Detection Engineer
Detection Engineer supporting enterprise security monitoring and threat detection initiatives. Responsible for developing and maintaining security detections in a large-scale environment.
Cybersecurity Tech Writer – Part Time
GovCon Cybersecurity Proposal Tech Writer producing technical and proposal content remotely for federal contracting. Coordinates with clients and proposal manager on projects.
Google Workspace Security Architect
Google Workspace Security Architect specializing in security enhancements and identity governance for global technology services. Collaborates with stakeholders to improve security protocols and documentation standards.
Software Developer – NATO, Security Clearance
NIRIS Software Developer for NATO developing software for Networked Interoperable Real-Time Information Services. Collaborating with teams to enhance interoperability capabilities and maintain software quality.
Software Engineer – Security Clearance
Software Engineer developing and maintaining JChat applications for NATO's Communication and Information Agency. Collaborating in a Scrum team to enhance software and ensure quality.
Senior Manager, Email Security Engineering
Senior Engineering Manager overseeing Email Security product for clients including Fortune 500 companies. Leading and mentoring engineering teams to tackle complex distributed systems challenges.
Application Security Expert
Expert in application cybersecurity analyzing web components and supporting secure development practices within a dynamic team. Collaborate on cloud application security based in Quebec, Canada.
Account Executive – Electronic Security Systems
Account Executive responsible for customer acquisition across Indiana focusing on physical security solutions. Building relationships and expanding company footprint in strategic growth market.
Technical Advisor II – Food Security, Livelihoods and Markets
Technical Advisor II providing guidance and support in food security and livelihoods programming for Catholic Relief Services. Working on multi-sectoral projects integrating market-based solutions during humanitarian responses.
Head of Cybersecurity
Leader of Cybersecurity designing and implementing strategies at Kavak, an AI company. Involved in building a top-tier team and ensuring security compliance.
Especialista em Endpoint Security, PAM
Especialista em Segurança Digital no Grupo Casas Bahia, gerenciando a segurança de endpoints e credenciais privilegiadas. Trabalhando para garantir visibilidade e resposta eficiente a ameaças em um ambiente colaborativo.
Senior Manager, Cybersecurity and Operations
Senior Manager leading cybersecurity operations and team at Accela. Managing incident response and enhancing security posture across corporate and cloud environments.
Principal Cyber-Security Engineer – GRC, AI
Principal Cyber-Security Engineer driving AI integration within FICO's GRC, emphasizing automation and compliance. Leading high-visibility audit engagements and mentoring team members across departments.
Lernbegleiter, Sicherheit und Objektschutz
Trainer for security expertise remotely at WBS TRAINING. Focusing on competency development for course participants with a strong educational approach.
Social Security Disability Hearing Attorney
Social Security Disability Hearing Attorney helping clients navigate the SSDI and SSI application processes. Representing them in appeals and providing legal consultation remotely.