Skip to main content
Back to jobs

Sr. AI Security Engineer

External
backblaze logoBackblaze · Remote
Full-timeRemote1w ago
JavaLangChainLessMentoringObservabilityOpenTelemetry
Cover LetterConnect

Prepare for this interview

Elite

AI-generated questions, company research, and talking points tailored to this role

About the role

Backblaze is seeking a Senior AI Security Engineer to design and implement safeguards for internal AI usage , with a focus on agentic systems, developer protection, and runtime security . This is a hands-on role for a practitioner who has built and deployed security controls , not just defined policy. You will enable teams to safely use AI by creating enforcement layers, identity controls, and detection capabilities that constrain and monitor AI-driven activity.

Responsibilities

  • Agentic AI Safeguards
  • Architect and implement guardrails for tool-using AI systems , including:
  • Tool access controls and allowlists
  • Context and memory isolation
  • Step-level validation of agent actions
  • Apply mitigations aligned to the OWASP Agentic AI Top 10 (e.g., prompt injection, unsafe tool use, data leakage, excessive autonomy)
  • Runtime Security Controls
  • Build enforcement mechanisms that govern AI behavior at execution time:
  • Interceptors, proxies, or middleware for tool/API calls
  • Policy decision and enforcement layers
  • Rate limits, execution bounds, and kill-switches
  • Prevent unsafe or unauthorized actions initiated by AI systems
  • Non-Human Identity (NHI)
  • Design and implement identity and access controls for agents and automation , including:
  • Short-lived credentials and scoped permissions
  • Clear separation between human and non-human access
  • Strong binding of identity to task context and execution
  • Ensure all AI actions are attributable and auditable
  • Observability & Detection
  • Implement logging and tracing for AI activity :
  • Prompts, tool usage, and decision flows
  • Build detection capabilities using:
  • Behavioral baselining and anomaly detection techniques
  • Identify and alert on:
  • Abnormal tool usage
  • Suspicious prompt patterns
  • Unexpected data access
  • Threat Modeling (MAESTRO)
  • Perform agentic system threat modeling using MAESTRO , including:
  • Mapping agent capabilities, trust boundaries, and attack paths
  • Modeling misuse and adversarial scenarios
  • Translate findings into practical safeguards and detection logic
  • Developer Safeguards
  • Protect developers using AI tools by:
  • Preventing sensitive data exposure
  • Validating AI-generated code and actions
  • Constraining unsafe automation
  • Enable safe usage of AI-assisted development tools (e.g., Claude Code, Codex, Cursor ) with:
  • Security validation layers
  • Controlled prompting and output handling patterns
  • The Right Fit:
  • 7+ years in security engineering or backend systems
  • Proven experience designing and deploying security controls , such as:
  • Runtime enforcement layers (proxies, middleware, policy engines)
  • Identity and access systems, especially for non-human entities
  • Strong programming skills (Python preferred; Go, Java, or TypeScript a plus)
  • Experience using AI-assisted development tools such as Claude Code in real workflows, including understanding associated security risks and safeguards
  • Experience with:
  • Logging, monitoring, and detection systems
  • Building or securing API/service interactions
  • Practical familiarity with:
  • Agentic AI systems or tool-integrated LLM workflows
  • OWASP guidance for AI/agent risks
  • Practitioner Knowledge
  • Experience applying (not just referencing):
  • OWASP Agentic AI / LLM risk guidance
  • NIST AI RMF concepts in real systems
  • CSA guidance on workload and machine identity
  • Strong understanding of:
  • Zero Trust for non-human identities
  • Secrets management and credential scoping
  • Observability tooling (e.g., OpenTelemetry, ELK)
  • Bonus Points For:
  • Experience securing internal AI platforms or developer-facing AI tools
  • Background in detection engineering, threat hunting, or adversarial testing
  • Familiarity with agent frameworks (e.g., LangChain, LlamaIndex)
  • Experience mentoring engineers and guiding secure design
  • At this point, we hope you're feeling excited about the job description you're reading. Even if you don't meet every requirement, we still encourage you to apply. Learning, developing, and growing are key parts of our culture. We're eager to meet people

Benefits

Paid time offEquity / stock optionsPerformance bonus

Additional Information

Backblaze is the object storage leader in the open cloud movement, fueling customer success with cloud storage built purposefully to unlock budgets, unburden administrators, and unleash innovators. Together with our partners, we're helping customers break free from the restrictive, overpriced legacy solutions that hold them back, and blaze forward with the full power of the open cloud in their hands. Founded in 2007, we scaled the business with less than $3 million in outside funding until 2021, when we did a traditional IPO on the Nasdaq stock exchange. Today, Backblaze generates over $100m in revenue and is the leading specialized storage cloud - managing over three billion gigabytes of data storage for 500K+ customers in 175+ countries, including businesses, developers, IT professionals, and individuals. But while there is a lot to celebrate in our past, there is almost as much opportunity ahead of us. We are seeking a Sr. AI Security Engineer to join our team!

Your Match

How well this role fits your profile.

Company Intel

What employees say

Worked at backblaze? Share your experience

Interested in this role?

Apply on the company's website.

Cover LetterConnect