Lead Application Security Engineer, AI & Product Security
Artera
About the role
Artera is on the lookout for a proactive Lead Application Security Engineer, AI & Product Security to collaborate closely with our AI developers and Systems Engineers. In this hands-on role, you will engage in threat modeling for agentic and LLM-powered features, enhance workflows that handle PHI/PII, and create essential tooling that enables swift and secure innovation.
This position is at the frontier of AI security, where you will help define protocols and practices. You'll be responsible for translating policies into code, developing safeguards for agent identity and ensuring proper filtering of prompts and outputs, while providing our team with effective logging, scanning, and secure tool-usage patterns. At Artera Security, we are committed to finding secure paths and facilitating collaboration with our AI Builders and System Engineers.
This role is situated in our Seattle, WA office. We value in-person collaboration, enabling you to work closely with our AI developers, Systems Engineers, and security leadership as we establish Artera's technology hub in Seattle.
As this role contributes to federal-facing systems and enterprise security functions, candidates must qualify for a government background check and adhere to strict data protection and access protocols. Familiarity with regulatory frameworks is expected, and ongoing compliance training may be required.
Responsibilities:
• AI Threat Modeling: Conduct end-to-end threat modeling for agentic and LLM-powered features including data ingress/egress and agent identity.
• Paved Road Tooling: Construct secure SDLC frameworks, including guardrails for prompt/agent identity and PHI/PII redaction patterns.
• Security Gates: Integrate SAST, DAST, SCA, and infrastructure scanning tools into CI/CD processes so that security is a key component of the development pipeline.
• AI Monitoring Strategy: Research and implement an AI monitoring tool to complement our existing tools.
• Policy to Practice: Translate security policies into practical usage patterns for the Artera Primitives team and Systems Engineers.
• Cross-Functional Partnership: Collaborate effectively with DevOps, Systems Engineering, and AI builder teams to secure innovative pathways.
• Security Ownership: Manage AWS identity and access management, secrets management, and security tool selection in our AWS environment while working with Systems Engineers and DevOps for implementation.
• Security Framework Application: Leverage frameworks like MITRE ATT&CK, MITRE ATLAS, OWASP Top 10, and OWASP LLM Top 10 in architectural decision-making.
Requirements:
• AppSec Tenure: 6-10 years of experience in Application Security with a focus on hands-on engineering.
• LLM & Agent Security: Proven experience with LLM and agent security, including familiarity with OWASP LLM Top 10 and other key concepts.
• Threat Modeling Expertise: Experience in developing comprehensive end-to-end threat models for production platforms.
• Pipeline Scanning Tools: Proficiency in SAST, DAST, and scanning tools within CI/CD processes.
• Shift-Left Security Experience: Proven ability to integrate security policies as infrastructure-as-code (Terraform) and to manage security in CI/CD pipelines.
• Cloud Depth: Extensive experience with AWS (GCP or Azure experience is acceptable; however, cloud depth is essential).
• Regulated Environment Experience: Background in highly regulated settings such as healthcare, federal systems, or fintech.
• Collaborative Communicator: Strong ability to communicate and work collaboratively across functions with engineers and AI builders to find secure solutions.
Bonus:
• Agentic AI Modeling: Direct experience threat modeling agentic AI systems.
• Agentic Platform Exposure: Familiarity with AWS Agent Core, MCP, or similar platforms.
• Growth Stage AI Experience: Experience working in a growth-stage company that has adopted agentic AI.
• Fintech to Agentic Path: Experience transitioning from fintech to agentic systems.
• AI Monitoring Tool Ownership: Previous responsibility for implementing or evaluating AI monitoring tools.
The compensation for this role ranges from $146,000 to $175,000 per year, dependent on experience and geographic tier. This role includes equity and a comprehensive benefits package.
Artera has hybrid office locations in Santa Barbara, CA, and Philadelphia (Wayne), PA. Employees generally come into the office three days a week, although this may vary based on team needs and management expectations.
We are creating geographically concentrated teams in key metropolitan areas, which we term our "Hiring Hubs." We are currently seeking remote candidates in the following markets:
• Boston Metro Area, MA
• Chicago Metro Area, IL
• Denver Metro Area, CO
• Kansas City Metro Area (KS/MO)
• Los Angeles Metro Area, CA
• San Francisco/Bay Area, CA
• Seattle Metro Area, WA
This model helps us build strong local connections and team cohesion, even in a distributed environment.
For employment at Artera, candidates must reside in one of our hybrid office cities or designated hiring hubs. Specific roles may have additional location preferences.
Working at Artera:
Company benefits include full health benefits (medical, dental, and vision), flexible spending accounts, life insurance, disability coverage, equity opportunities, a 401(k), and more!
Career development opportunities involve manager development cohorts and employee development funds.
We offer generous time off with company holidays, a Winter & Summer break, and flexible time off.
Our Employee Resource Groups (ERGs) foster a culture of belonging at Artera—helping to create a more inclusive workplace.
Equal Employment Opportunity (EEO) Statement:
Artera is an equal opportunity employer, and all hiring practices are dedicated to fair and equitable treatment for all candidates. We consider all candidates regardless of various protected characteristics.
All hired individuals will be required to verify their identity and eligibility to work in the U.S. upon hiring.
Artera is dedicated to a discrimination-free work environment and is committed to providing reasonable accommodations for applicants and employees as needed.
Data Privacy:
We value your privacy and by applying, you consent to the processing of your personal information as outlined in our Privacy Policy.