Databricks
Staff Security Software Engineer, AI Security
Vaga remota de Security com fit claro de localização do candidato.
PublicadaAdicionada recentemente
Países elegíveis2 países aceitos
Sinal de senioridadeLead
Modelo de trabalhoRemoto
Locais aceitos para candidatos
Países BaixosEstados Unidos
Resumo da vaga
Staff Security Software Engineer, AI Security
Requisitos e responsabilidades
Conteúdo da vaga extraído em seções para revisão mais rápida.
AI Red Team & Adversarial Testing
- Lead AI red team engagements against Databricks' production AI systems, including Foundation Model APIs, Genie and natural language query systems, Model Serving infrastructure, MCP-connected agents, and RAG pipelines
- Design and execute adversarial attack scenarios: prompt injection, jailbreaking, memory poisoning, cross-tenant data leakage in multi-tenant serving, and sandbox bypasses
- Develop proof-of-concept exploits for AI-specific vulnerability classes and perform variant analysis to identify the full scope of exposure across the AI platform
- Contribute to the evolution of the Databricks AI Security Framework (DASF), maintaining and extending the risk taxonomy, control library, and testing methodology as AI capabilities evolve
AI Product Security & Architecture Reviews
- Lead comprehensive security architecture reviews for complex AI features: threat modeling agentic workflows, RAG pipelines, multi-model serving chains, and MCP-based tool integrations
- Partner directly with AI and ML engineering teams to identify security risks early in the design process and define practical, scalable controls
- Assess and drive resolution of cross-cutting AI security risks: Unity Catalog permission enforcement in AI contexts, inference data isolation, model artifact integrity, fine-tuning pipeline security, and external model API governance via AI Gateway
- Identify recurring security patterns across AI features; advocate for class-level architectural fixes rather than feature-by-feature point solutions
AI Security Tooling & Automation
- Design and build automated AI security testing tooling, including adversarial prompt libraries, agent behavior analysis frameworks, and continuous testing harnesses
- Build AI-assisted automation that scales security reviews, threat modeling, and vulnerability triage for AI features
- Develop and maintain security guardrails and enforcement mechanisms: LLM-as-judge review, prompt delimiting, output validation, rate limiting, and audit logging
Cross-Team Remediation & Standards
- Set technical standards for how AI security risks are assessed, prioritized, and remediated across the engineering organization
- Drive cross-team remediation for significant AI security findings, defining fix requirements, validating patches, and ensuring regression coverage in CI/CD pipelines
- Produce high-quality threat models, security advisories, and post-mortems that inform organizational risk decisions for AI products
Mentorship & Community
- Mentor engineers on the AI Security team in adversarial ML techniques, AI threat modeling, and security tooling development
- Contribute to internal knowledge assets, including training materials, design patterns, and threat model templates, that raise AI security fluency across the engineering organization
- Represent Databricks in the external AI security community through publications, conference talks, or open-source contributions
What We Look For
- 7–10 years of combined experience in offensive security, AI/ML security research, or product security engineering, with demonstrated leadership in securing complex systems
- Subject matter expert in at least two of the following AI security domains:
What We Look For
- Demonstrated ability to design and execute adversarial attacks against production AI systems
- Deep understanding of AI/ML platform architecture- how models are trained, served, and integrated, and where the trust boundaries between components lie
- Expert in at least one major cloud platform (AWS, Azure, GCP) and its AI/ML security model
- Proficient in Python; able to read and analyze ML model code, training scripts, and API serving code; working knowledge of at least one additional language (Go, Java, Scala, Rust)
- Track record of driving cross-team AI security improvements and influencing product architecture decisions
- Experience building automated security tooling for AI systems
- Strong communicator- translates AI security risks into actionable guidance for engineers, product managers, and leadership
- Pragmatic approach to risk- distinguishes real-world exploitable AI risk from theoretical concerns
Nice to haves
- Published research on AI/ML security topics or experience presenting at AI security venues (DEF CON AI Village, NeurIPS workshops, Black Hat)
- Experience with OWASP Top 10 for LLMs, MITRE ATLAS, or similar AI security frameworks
- Familiarity with MLflow, Unity Catalog, Delta Lake, or Databricks platform internals
- OSCP or equivalent offensive security certification
- Academic or research background in machine learning, adversarial ML, or AI safety
Vagas similares
Mantenha uma lista reserva.
Python, Spark USA
Senior Data EngineerTop Us Wealth Management FirmVer vaga Java, Python USA
Application Security Engineer (Tech Lead)Morgan StanleyVer vaga Java, Python USA
Application Security Engineer (Middle)Morgan StanleyVer vaga Java, Python USA
Application Security Engineer (Senior)Morgan StanleyVer vaga Stack
Use estas tags para comparar vagas remotas similares.
Elegibilidade de localização
Candidatos devem aplicar apenas quando o país do perfil estiver listado aqui.
Seu perfilPaís não definidoEntre para comparar seu país com esta vaga.
Fluxo de contratação
O WithMira mostra a vaga e depois envia candidatos para a aplicação da empresa.
1Confira fit da vaga, stack e elegibilidade de localização no WithMira.
2Abra a página de aplicação da empresa pelo link rastreado.
3Salve a vaga ou assine oportunidades similares antes de sair.