Senior Security Engineer, AI Model and Application

Benefits

Additional Information

Company Overview ImmunityBio, Inc. (NASDAQ: IBRX) is a commercial-stage biotechnology company developing cell and immunotherapy products that are designed to help strengthen each patient's natural immune system, potentially enabling it to outsmart the disease and eliminate cancerous or infected cells. We envision a day when we no longer fear cancer, but can conquer it, thanks to the biological wonder that is the human immune system. Our scientists are working to develop novel therapies that harness that inherent power by amplifying both branches of the immune system, attacking cancerous or infected cells today while building immunological memory for tomorrow. The goal: to reprogram the patient's immune system and treat the host rather than just the disease. Why ImmunityBio? - ImmunityBio is developing cutting-edge technology with the goal to transform the lives of patients with cancer and develop next-generation therapies and vaccines that complement, harness and amplify the immune system to defeat cancers and infectious diseases. - Opportunity to join a publicly traded biopharmaceutical company with headquarters in Southern California. - Work with a collaborative team with the ability to work across different areas of the company. - Ability to join a growing company with professional development opportunities. Position Summary The Senior Security Engineer AI Model and Application is a hands-on, systems-level role at the intersection of security engineering and artificial intelligence, involving close interaction with ML engineering, product, platform, and SOC/security operations teams. The Senior Security Engineer will serve as the subject matter expert (SME) in AI and LLM security across the organization, owning end-to-end security of AI systems - from data and training pipelines to inference endpoints and user-facing features. This role will support security leadership in driving threat modeling, adversarial testing, red teaming, and the implementation of secure-by-design AI features in alignment with applicable regulatory frameworks including NIST AI RMF, NIST CSF, and SOC 2 Type 2. Essential Functions Design, implementation, and maintenance of security controls across the full AI/ML lifecycle, including training data validation, model registry policies, deployment guardrails, and production monitoring for anomalous model behavior. Develop and maintain comprehensive threat models for AI/ML systems, covering prompt injection, data leakage, model evasion and extraction, data poisoning, and agent hijacking scenarios. Lead red teaming and adversarial testing of LLMs and agentic workflows - including jailbreak attempts, prompt injection, output manipulation, and business logic abuse - and drive remediation with engineering teams. Partner with ML engineers to embed security into model development pipelines, including secure training, evaluation, and deployment processes, as well as secure use of RAG architecture, tooling integrations, and multi-agent workflows. Implement and define policies for safe prompt and response handling, including PII and sensitive content detection, output filtering, and usage logging to support investigations and compliance requirements. Work with security engineering to integrate AI telemetry into SIEM, EDR, and SOC workflows; define and maintain runbooks for AI-related security incidents and forensic investigations. Lead the creation, modification, and maintenance of AI security documentation, including threat model reports, security specification documents, SOPs, data flow diagrams, and network topology documentation. Stay current on AI-specific attack techniques, emerging tooling, and relevant frameworks (NIST AI RMF, OWASP LLM Top 10, MITRE ATLAS, secure AI development guidelines) and translate findings into internal standards and controls. Consult and collaborate with cross-functional SMEs across ML, Product, Platform Engineering, Legal, and Compliance to influence security design decisions and ensure operability and technical feasibility. Provide technical mentoring and oversight to less experienced security engineers responding to and investigating AI-related security issues. Create, edit, and adhere to Standard Operating Procedures (SOPs), security playbooks, and standardized documentation templates. Perform ad-hoc and cross-functional projects assigned to support business needs and provide developmental opportunities. Education & Experience Bachelor's degree in Computer Science, Information Security, Engineering, or a related field with 7+ years of relevant experience is required. 5+ years of experience in application security, product security, or offensive security, including hands-on threat modeling and secure design for complex systems, is required. Practical, demonstrated experience assessing or attacking AI/ML or LLM systems (e.g., prompt injection, model abuse, data exfiltration via LLMs, or adversarial examples) is required. Experience working within or alongsid