Subscribe to the latest remote jobs:

Lead Application Security Engineer — Threat & Vulnerability Management (AI Focus)

🇺🇸 United States | 🇨🇴 Colombia | 🇰🇿 Kazakhstan | 🇰🇬 Kyrgyzstan | 🇺🇿 Uzbekistan

Management

Python

Machine Learning

Design

Devops

Security Engineer

Lead Application Security Engineer — Threat & Vulnerability Management (AI Focus)

from 🇺🇸 United States | 🇨🇴 Colombia | 🇰🇿 Kazakhstan | 🇰🇬 Kyrgyzstan | 🇺🇿 Uzbekistan

We are seeking aLead Application Security Engineer to drive secure-by-design engineering for agent code and pipelines and own vulnerability management for AI workloads. This role keeps agentic AI development moving fast while ensuring every agent is built, tested and shipped securely.

Responsibilities

  • Embed SAST DAST and SCA into agent CI/CD pipelines
  • Build and maintain an AI/LLM software bill of materials (SBOM) capability
  • Lead threat modeling for agents against the OWASP LLM Top-10 and Agentic Top-10
  • Define and enforce vulnerability-management SLAs for AI workloads
  • Establish secure-SDLC guardrails for maker and developer teams

Requirements

  • 5+ years of experience in application security engineering
  • Background in SAST, DAST and SCA tooling and triage
  • Expertise in threat modeling with understanding of LLM/agent attack surfaces including prompt injection, tool abuse and data exfiltration
  • Familiarity with AI/LLM supply-chain risk and SBOM practices
  • Background in secure SDLC and DevSecOps pipeline integration

Nice to Have

  • Skills in Python scripting and automation for security tooling integration
  • Relevant certifications (e.g., GWAPT, CSSLP, OSCP)
by @maxrusakovic