Principal AI Security Engineer

Role Overview

Join BetterUp as a Principal AI Security Engineer (strategic individual contributor) to enhance the security of an AI-powered SaaS platform. You will help design and deliver secure product features, lead application-level security architecture, and partner with AI/ML teams to reduce GenAI-specific risks.

Key Missions & Responsibilities

• Security by design for AI features: Collaborate with Product and Engineering teams to design, build, and ship AI capabilities with security embedded early in the product lifecycle.
• Application security architecture: Lead roadmap reviews and define secure patterns for:
  • Authentication and Authorization
  • Data protection
  • API security
• GenAI & AI/ML risk management: Work with AI/ML teams to assess, mitigate, and monitor risks related to GenAI and AI/ML model integration.
• Secure engineering practices: Provide deep expertise in secure coding, threat modeling, secure code review, and vulnerability management.
• Influence without authority: Drive secure design decisions and partner across engineering stakeholders to align security goals with product roadmaps.

Requirements

• Security background with experience in secure coding practices and/or threat modeling and data-protection requirements.
• 5+ years with Ruby on Rails and experience with modern web frameworks, APIs, and cloud-native architectures.
• 8+ years software engineering, including 4–5 years with a strong AI/ML emphasis.
• Hands-on experience with:
  • SAST/DAST tooling
  • Threat modeling
  • Secure code review
  • Vulnerability management pipelines
• Ability to mentor and share knowledge across cross-functional teams.
• Strong communication skills to engage engineers, executives, and customers.
• Comfort with ambiguity and evolving AI security and governance regulatory standards.

Nice to Have

• Experience supporting or operating bug bounty or coordinated vulnerability disclosure programs.