• Designing and implementing scalable automation and AI-driven tools to enhance security controls, architecture reviews, risk identification, and decision support. • Partnering with Application Security, Cloud Engineering, Platform teams, and enterprise architects to develop automated security guardrails and integrate security policies into development workflows. • Ensuring new systems, integrations, and services comply with organizational security standards through automated validation, policy-as-code, and continuous monitoring. • Building reusable security frameworks, intake processes, and automated validation mechanisms to reduce manual review effort while improving consistency, visibility, and compliance. • Performing and scaling risk assessments and security architecture reviews for applications, cloud platforms, APIs, and system integrations. • Collaborating with software development teams to create innovative, automated security solutions that demonstrate measurable business efficiency gains, leveraging AI to address security gaps. • Quickly adapting to new security challenges, especially related to IaaS platforms, and engaging with lead architects and technical leads through design reviews, pair programming, code reviews, and sharing AI expertise. • Documenting solutions clearly to support team training and production support personnel.

• Security research including development of tools for vulnerability analysis and mitigation • Development of static and run-time analysis tools to figure out root cause and input conditions related to a vulnerability • Vulnerability triage and proof of concept exploit development to support the creation of detection content • Write detailed technical reports, summaries, and testing methodologies • Research emerging technologies, protocols, and testing methodologies • Develop proof of concept exploits for testing vulnerability mitigations • Perform patch analysis to find and trigger vulnerabilities • Reverse engineer binary applications, protocols, and formats • Analyze vulnerabilities and emerging security threats and technologies • Provide critical security focused expertise to engineering organizations

• Own AI behavior monitoring: Define what trustworthy and untrustworthy AI behavior looks like, and ensure it is measurable in production. • Own AI observability standards: Establish telemetry, tracing, logging, and alerting requirements for AI systems and agentic workflows. • Own control validation for agentic systems: Verify that guardrails, policy checks, access boundaries, and execution constraints are functioning as intended. • Own AI security event analysis: Detect, investigate, and document suspicious, unsafe, or non-compliant AI behaviors and coordinate response. • Own implementation support for governance frameworks: Translate governance principles into technical and operational requirements that product and platform teams can adopt. • Own AI trust metrics and reporting: Define KPIs, KRIs, and dashboards that show leadership whether AI systems are operating within approved trust and security boundaries. • Own continuous improvement of AI controls: Use incidents, testing, behavioral findings, and stakeholder feedback to strengthen control design and reduce residual risk over time.

Role Description Join Airtable as a Product Security Engineer and play a pivotal role in shaping the security of our rapidly evolving platform as we expand our AI and LLM-powered offerings. You will join the team responsible for safeguarding the application layer of Airtable’s platform. You will partner closely with product engineering teams to build paved roads, frameworks, and automated controls that make the secure path the easy path for our engineering teams. You will help influence application security at scale, ensuring our products are secure by design. What you'll do - Develop self-service security frameworks and "paved roads" that allow engineering teams to ship secure code by default. - Focus on automated guardrails for common vulnerabilities, while prioritizing deep-dive design reviews into complex business logic and data isolation issues (for example, multi-tenant isolation and authorization/permission bypasses) that automated tools cannot catch. - Partner with product and engineering teams to review designs early, contribute to threat modeling for new features and complex initiatives, and provide clear, actionable security guidance. - Research emerging threats and evolving best practices, specifically regarding AI and LLM safety, and implement controls to secure these workflows. - Manage and evolve our approach to external penetration testing and bug bounties, driving remediation for findings and treating vulnerability management as an engineering problem. - Contribute to the long-term roadmaps, metrics, and strategic planning for the security team. - Lead complex threat modeling sessions for major product launches and define secure coding standards, and actively mentor other engineers to raise the technical security bar across the organization. Qualifications - 4+ years of experience in product security or application security, with experience shipping production code. - Strong background in computer science or a related field, with proficiency in writing clean, maintainable code. - Deep familiarity with JavaScript or TypeScript, Node.js, and modern web application frameworks, and can reason about the security implications of systems built on them. - Hands-on experience securing LLM integrations and identifying prompt injection or data leakage risks. - Proficient in writing and reviewing code and treat security as an engineering problem to be solved with software, not just policies. - Excellent at communicating complex security risks to non-security stakeholders and enjoy collaborating cross-functionally to find solutions that balance security with engineering velocity. - Comfortable working in a fast-paced environment, navigating ambiguity, continuously learning about emerging threats and technologies, and contributing to long-term security strategy. Benefits - Opportunity to receive benefits and restricted stock units. - May include incentive compensation. Company Description Airtable is an equal opportunity employer. We embrace diversity and strive to create a workplace where everyone has an equal opportunity to thrive. We welcome people of different backgrounds, experiences, abilities, and perspectives. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, protected veteran status or any characteristic protected by applicable federal and state laws, regulations and ordinances.