Rithum
Staff Information Security Engineer- AI First
Remote Information Security role with clear candidate location fit.
PostedJun 21, 2026
Eligible countries1 accepted country
Seniority signalSenior
Work settingRemote
Accepted candidate locations
USA
Role overview
Staff Information Security Engineer- AI First
Requirements and responsibilities
Readable role content extracted into sections for faster review.
Responsibilities
- Act as the bridge between architectural intent and operational reality; mediate conflicts between security requirements and feasible implementation, propose compensating controls where gaps exist and help register, track and remediate residual risks.
- Implement preventive, default-on security controls across cloud and enterprise environments, codified as policy- and infrastructure-as-code so security is enforced by design, including controls that govern how AI tools and models may be used.
- Implement and enforce identity and access controls to an agreed standard, including access boundaries for AI systems and non-human/agent identities by partnering with Platform Engineering and IT to align tooling and policy to the architecture.
- Assist in maintaining the InfoSec risk register; track emerging threats and translate them into actionable guidance for engineering teams.
- Support third-party and vendor risk assessments, with a focus on vendors who process data through AI pipelines.
- Automate repetitive security workflows (evidence collection, access reviews, alert enrichment) and build or operate AI-assisted security agents — with human-in-the-loop approval gates, least-privilege credentials, and explicit attention to each agent's own blast radius.
- Integrate security tooling (SIEM, CSPM, DAST/SAST, vulnerability scanners) with LLM layers to surface actionable insight and automated responses.
- Define and enforce security requirements for AI-powered features: model access controls, prompt-injection mitigations, output validation, and data-handling boundaries.
- Conduct threat modelling on agentic and LLM-based systems, accounting for novel attack surfaces such as tool misuse, indirect prompt injection, and supply chain risk.
Minimum Qualifications
- 5+ years of security engineering experience with demonstrated AI/ML security depth (prompt injection, model supply chain, adversarial inputs, RAG).
- Experience using AI tools (ChatGPT, Copilot, Claude, etc.) and LLM frameworks and APIs (OpenAI, Anthropic, LangChain, or similar) to accelerate and elevate your work.
- Hands-on identity and access expertise across modern enterprise and cloud identity stacks, including access models for AI systems and non-human identities.
- Infrastructure and policy-as-code (e.g. Terraform, OPA/Rego) and proficiency in a scripting language for automation (Python preferred).
- Cloud security expertise: AWS Solutions Architect / Security Specialty or equivalent demonstrated expertise, including multi-account governance, preventive guardrails, and policy-as-code.
- Application security (OWASP Top 10 and the OWASP LLM/GenAI Top 10, secure SDLC) and threat-modelling methodologies (STRIDE, PASTA, or equivalent). Practical experience building or operating AI agents, and integrating security tooling (SIEM, CSPM, SAST/DAST/SCA) so it surfaces action rather than raw alerts.
- Working knowledge of SOC 2 and/or ISO 27001 control frameworks.
Preferred Qualifications
- Experience building or operating AI agents in a production environment.
- Awareness of privacy regulation (GDPR/CCPA) as it touches AI including privacy-by-design and DPIAs.
- Red teaming or adversarial ML research backgrounds.
- Experience implementing privileged-access, key-management, posture-management, or data-protection programs.
- Experience with EDR, CASB, DLP, Security automation and SAST, DAST, IAST and SCA tools.
- Cloud Architecture or Security certifications (CCSK, TAISE, AWS).
At Rithum you will:
- Partner with the leading brands and retailers.
- Connect with passionate professionals who will help support your goals.
- Participate in an inclusive, welcoming work atmosphere.
- Achieve work-life balance through remote-first working conditions, generous time off, and wellness days.
- Receive industry-competitive compensation and total rewards benefits.
Benefits
- Medical, dental and vision benefits: Affordable health care plans and company HSA contributions, starting on Day 1
- A 6% 401(k) match
- Competitive time off package with 20 days of Paid Time Off, 9 Company-Paid holidays, 2 paid floating holidays, 7 paid sick days, 2 Wellness days, and 1 Paid Volunteer Day; at 3 years of service PTO increases to 22 days, and at 5 years it increases to 25 days
- 12 weeks primary caregiver leave & 4 weeks secondary caregiver leave
- Accident, critical illness, and hospital indemnity insurance
- Pet insurance
- Legal assistance and identity theft insurance plans
- Life insurance 2x salary
- Access to the Calm app and the Employee Assistance Program
- $65/month Remote work stipend for internet
- Culture and team-building activities
- Tuition assistance
- Career development opportunities
- Charitable contribution match up to $250 per year
Similar roles
Keep a backup shortlist.
AWS, Python 1 accepted country
Senior Backend Engineer (AdTech)Leap ToolsView role AWS, Python 1 accepted country
Senior Backend EngineerLeap ToolsView role Python USA
Application Security Engineer (Tech Lead)Morgan StanleyView role Python USA
Application Security Engineer (Middle)Morgan StanleyView role Stack
Use these tags to compare similar remote roles.
Location eligibility
Candidates should apply only when their profile country is listed here.
Your profileCountry not setSign in to check your country against this role.
Hiring flow
WithMira shows the role, then sends candidates to the company application.
1Check role fit, stack, and location eligibility in WithMira.
2Open the company application page from the tracked apply link.
3Save the role or subscribe for similar opportunities before leaving.