Reddit, Inc. logo
Reddit, Inc.

Dive into anything

Senior Security Engineer, AI Security

Security EngineerSecurity EngineerFull TimeRemoteSeniorTeam 501-1,000Since 2005H1B No SponsorCompany SiteLinkedIn

Location

United States

Posted

1 day ago

Salary

$190.8K - $267.1K / year

Seniority

Senior

Bachelor Degree5 yrs expEnglishCloud

Job Description

Senior Security Engineer, AI Security

Reddit, Inc.

• Review and threat model AI-powered product features, LLM integrations, agentic workflows, MCP servers, tools, plugins, retrieval systems, model outputs, and internal AI tools before launch. • Build reusable AI security primitives such as guardrails, scanners, policy checks, tool-use controls, registries, sandboxes, libraries, and workflow-native enforcement points. • Design security tooling that can sit in the inference, retrieval, or execution path to detect and prevent prompt injection, jailbreaks, tool misuse, data leakage, unsafe code generation, and suspicious agent behavior. • Partner with teams building products and platforms with AI to define practical security controls that fit how they design, build, and ship. • Proactively find, fix, and prevent AI security issues, while making any required product or engineering changes clear and low-friction for partner teams. • Turn one-off AI security issues into systemic fixes, paved paths, measurable controls, and reusable guidance.

Job Requirements

  • 5+ years of experience in product security, application security, software security, security engineering, backend engineering, or security platform engineering.
  • Strong application security fundamentals, including secure design review, threat modeling, code review, vulnerability prioritization, and practical remediation.
  • Experience in building reliable backend services.
  • Hands-on experience building security automation, developer tooling, libraries, infrastructure, or platform controls.
  • Familiarity with AI, LLM, or agentic system risks such as prompt injection, jailbreaks, insecure tool use, tool poisoning, data leakage, unsafe model outputs, and abuse of AI-assisted workflows.
  • Ability to reason across trust boundaries, including user input, model context, retrieval systems, backend services, tool calls, MCP servers, third-party integrations, sandboxed execution, logs, and frontend rendering.
  • Practical understanding of infrastructure security concepts such as identity, authorization, network boundaries, secrets, cloud environments, containers, isolation, runtime policy enforcement, and least privilege.
  • Strong engineering judgment about when to block launch, when to accept risk, and how to sequence practical remediations.
  • Clear communication skills with the ability to explain technical security risk and business impact to engineers, product managers, and leadership.

Benefits

  • medical, dental, and vision insurance
  • 401(k) program with employer match
  • generous time off for vacation
  • parental leave

Related Categories

Related Job Pages

More Security Engineer Jobs

First Stop Health logo

Security Engineer

First Stop Health

We deliver care that people love. Members can talk with doctors or counselors 24/7 via app, website or phone.

Full TimeRemoteTeam 51-200Since 2011H1B No Sponsor

• design, implement, and maintain security controls and practices across the organization • partner closely with Engineering, DevOps, IT, Compliance, and the broader Information Security team to identify risks and strengthen security posture • lead application security initiatives including architecture reviews, threat modeling, code reviews, and penetration testing coordination • integrate security controls and testing into the SDLC and CI/CD pipelines • partner with development teams to remediate vulnerabilities and improve secure coding practices • champion secure design principles across web, mobile, API, and cloud-native applications • support implementation and operation of security testing tools including SAST, DAST, SCA, and secrets detection • perform and facilitate threat modeling exercises to identify potential attack vectors and prioritize risks • conduct risk assessments and provide actionable guidance to reduce application-level security risk • communicate risk findings clearly, balancing technical detail with business impact • design, implement, and maintain security controls across cloud, infrastructure, applications, and enterprise systems • evaluate and implement security technologies that improve organizational security posture • support identity and access management initiatives, including authentication, authorization, and privileged access controls • assess cloud environments for security risks and recommend remediation strategies • assist with security investigations, incident response activities, and post-incident reviews

United States
GitLab logo

Senior Manager, Security Compliance

GitLab

Build software faster. The One DevOps Platform enables your entire org to collaborate around your code. We're hiring.

Full TimeRemoteTeam 1,001-5,000Since 2014H1B No Sponsor

• Lead and mentor a team focused on security compliance, providing direction, support, and clear priorities while building a high-performing function. • Oversee and expand GitLab's certification portfolio across frameworks such as ISO 27001/17/18, ISO 42001, Service Organization Control 2 (SOC 2), Payment Card Industry (PCI), TiSAX, Cyber Essentials, and Federal Risk and Authorization Management Program (FedRAMP). • Partner with cross-functional stakeholders in IT, Security, Legal, Product, and Engineering to integrate governance, risk, and compliance requirements into business processes and technical systems. • Drive automation within the function by using scripting, coding, and AI-enabled approaches to improve governance, risk, and compliance workflows, including compliance-as-code and policy-as-code practices. • Monitor regulatory changes, emerging frameworks, and industry trends, and use those insights to help shape the team's roadmap and prepare the business for new requirements. • Manage relationships with third-party auditors, assessors, and consultants during activities such as external audits, certification reviews, and penetration tests. • Strengthen the team's security metrics and reporting practices, including preparing and facilitating regular business reviews and giving leadership clear visibility into progress and risk. • Serve as a subject matter expert and thought partner by delivering guidance, training, and security-focused content for internal teams, customers, and senior stakeholders, while helping strengthen GitLab's voice in the broader security market.

United States
$168K - $245K / year
GuidePoint Security logo

Principal, Security Alignment

GuidePoint Security

We help organizations make smarter cybersecurity decisions that minimize risk.

Full TimeRemoteTeam 201-500H1B Sponsor

Role Description The Principal, Security Alignment reports directly to the Chief Information Security Officer (CISO) and serves as the primary security advisor and strategic partner between Corporate Information Security and regional business operations. The organization operates a federated business model where corporate functions establish enterprise capabilities, standards, and guardrails while regional teams maintain autonomy in executing their business objectives. This role exists to ensure regional execution aligns with enterprise security expectations while enabling business velocity and operational flexibility. The Principal, Security Alignment will partner with regional leadership teams to understand: - Business processes - Professional services delivery models - Customer commitments - Internally developed solutions - Data handling practices - Operational workflows Success requires the ability to operate as a trusted business advisor — influencing without direct authority, translating security requirements into practical business outcomes, and helping regions mature without creating unnecessary friction. Qualifications - 10+ years of experience in information security, risk management, technology leadership, consulting, or business operations. - Experience operating in federated, decentralized, or matrixed organizations. - Strong understanding of enterprise security governance, risk management, and operational controls. - Experience partnering with executive business stakeholders. - Ability to influence teams without direct reporting authority. - Experience translating security concepts into business outcomes. - Strong executive communication and reporting skills. Requirements - Establish trusted relationships with regional executives and operational leaders. - Serve as the primary security advisor connecting regional business operations with the Enterprise Information Security organization. - Understand regional priorities, customer requirements, delivery practices, and operational challenges. - Help regional teams interpret and operationalize enterprise security standards. - Ensure security considerations are incorporated into regional decision-making processes. - Assess regional business practices to identify potential security, privacy, compliance, and operational risks. - Evaluate areas including: - Professional services delivery practices - Customer data handling - Customer environment access - Internally developed tools and automation - AI adoption and usage - Third-party/vendor usage - Data movement and storage practices - Customer contractual security obligations - Identify inconsistencies between regional execution and enterprise expectations. - Develop a scalable governance model that balances corporate oversight with regional autonomy. - Define clear ownership expectations between corporate security and regional leadership. - Create visibility mechanisms that allow risks to be identified proactively. - Establish regional security operating rhythms, reporting, and accountability structures. - Ensure exceptions, deviations, and business-driven decisions are documented and understood. - Provide the CISO with ongoing visibility into regional security maturity, emerging risks, and operational trends. - Develop executive-level reporting around: - Regional alignment - Key risk indicators - Security maturity - Remediation progress - Areas requiring leadership escalation - Escalate material concerns where business practices create unacceptable enterprise risk. - Identify opportunities to simplify adoption of corporate security capabilities. - Reduce friction between security requirements and regional execution. - Create reusable playbooks, processes, and frameworks. - Promote consistency without eliminating appropriate regional flexibility. - Build a culture where security is viewed as a business enabler. First Six-Month Objectives - Complete security/business assessments across all eight regions. - Establish relationships with regional leadership teams. - Create a regional security maturity baseline. - Identify high-priority risks and improvement opportunities. - Define the corporate/regional responsibility model. - Establish recurring governance and reporting cadence. - Implement regional security scorecards. - Deliver a prioritized roadmap for long-term maturity. Benefits - Remote workforce primarily (U.S. based only, some travel may be required for certain positions, working on-site may be required for Federal positions). - Group Medical Insurance options: - Zero Deductible PPO Plan (GuidePoint pays 90% of the premium for employees and 70% for family plans). - High Deductible Health Plan with HSA (GuidePoint pays 100% of the employees premiums and 75% for family plans). - Group Dental Insurance: GuidePoint pays 100% of the premium for employees and 75% of family plans. - 12 corporate holidays and a Flexible Time Off (FTO) program. - Healthy mobile phone and home internet allowance. - Eligibility for retirement plan after 2 months at open enrollment. - Pet Benefit Option.

United States
Capco logo

Safety Technician

Capco

Capco, a Wipro company, is a management & technology consultancy dedicated to the financial services & energy industries

Full TimeRemoteTeam 1,001-5,000Since 1998H1B Sponsor

Role Description - Serviços técnicos especializados na Gestão de anomalias de segurança; - Serviços técnicos especializados de assessorias técnicas, avaliações, auditorias, e inspeções de segurança do trabalho nas instalações terrestres e marítimas; - Serviços técnicos especializados de gestão e execução de programas de treinamento de segurança do trabalho; - Serviços técnicos especializados no apoio à Gestão de Contratação de Fornecedores; - Serviços especializados de gestão de contingências; - Serviços especializados de segurança ocupacional e operacional; - Serviços especializados de gestão de indicadores e desempenho. Qualifications - Mínimo de 3 anos de experiência após formação em Técnico de Segurança do Trabalho, atuando na área de segurança do trabalho em empresas do setor de Óleo & Gás (evidência em CTPS). - Nível técnico em Segurança do Trabalho incluindo registro no órgão de classe em consonância com a Lei 7.410, de 27 de novembro de 1985. - Pacote Office (Word, Excel e Power Point) Intermediário / Avançado. Requirements - Conhecimento de Análise Crítica. - Power BI. Benefits - Cultura inclusiva que valoriza a diversidade em todas as suas expressões. - Ações diversas de inclusão e de responsabilidade social através de comitês internos geridos pela nossa comunidade interna. - Grupos de apoio como Mulheres, Pessoas Com Deficiência, Pessoas Negras, LGBTQIAPN+, Parentalidade, Gerações, entre outros. Next Steps Se você está ansioso(a) para progredir sua carreira conosco, candidate-se e aguarde o contato de um de nossos recrutadores!

Brazil