About the Role

Cerebras is seeking a Principal AI Security Engineer to lead hands-on security engineering for enterprise IT, infrastructure, AI platforms, and agentic systems.

In this role, you will design and build security controls for systems that support training, inference, model serving, customer workloads, internal automation, and AI-assisted development. You will work across product, cloud, infrastructure, identity, runtime, data, and developer platforms to protect sensitive data, enterprise and customer environments, models, tools, agents, and control planes.

This is a principal IC role for someone who can turn ambiguous AI and platform security risks into practical architecture, reusable controls, and production-ready systems that teams can adopt by default.
Responsibilities

• Define security architecture and build controls for AI platforms, training and inference workflows, model-serving systems, customer workloads, developer workflows, and agentic
• Develop reusable AI and agent security patterns for identity, authorization, delegated authority, scoped tool access, MCPs, connectors, secrets, approvals, isolation, auditability, and
• Design runtime controls that constrain execution, access, data exposure, model and tool interaction, and blast radius.
• Build security capabilities as code using infrastructure as code, configuration as code, policy as code, GitOps, CI/CD, and automated validation.
• Define secure development patterns for AI systems, agents, prompts, tools, models, policies, evaluations, releases, and rollback.
• Automate security reviews, policy checks, evidence collection, control validation, and remediation
• Instrument AI, agent, and platform activity with telemetry, traceability, policy decisions, audit logs, anomaly signals, and response workflows.
• Lead hands-on security reviews and influence product, platform, infrastructure, and security architecture through practical design changes and reusable controls.

Skills and Qualifications

• 10+ years of experience in security engineering, platform security, infrastructure security, product security, or related technical security roles.
• Strong hands-on engineering ability in Python and at least one additional production
• Experience designing, building, operating, and improving security controls as
• Strong cloud and infrastructure security experience, preferably with AWS, including IAM, networking, secrets management, logging, and cloud-native control planes.
• Deep understanding of identity and access systems, including SSO, MFA, OAuth, service accounts, workload identity, authorization, privileged access, and least privilege.
• Practical experience securing runtime environments such as containers, Kubernetes, isolated workloads, secure development environments, distributed compute platforms, or production service infrastructure.
• Familiarity with AI security, LLM application security, agentic workflows, MCPs, prompt injection, autonomous coding agents, or AI platform security.
• Ability to reason about cross-system risk involving identity, data, models, tools, networks, workflows, approvals, and automation.
• Strong written communication skills and the ability to influence senior technical stakeholders across Security, Product, IT, Infrastructure, and Engineering.

Relevant Experience

We do not expect every candidate to have worked across all of these areas, but we value depth in several:

• AI, ML, training, inference, model-serving, or large-scale compute
• Coding agents, agent platforms, MCP servers, internal developer platforms, or AI-assisted development environments.
• Workload identity, secrets brokers, token brokers, short-lived credentials, privileged access, or zero-standing-privilege architectures.
• Policy-as-code, authorization services, runtime enforcement layers, or security control
• Software delivery security, including source control, CI/CD, build systems, artifacts, provenance, signing, and release gates.
• Detection, investigation, and response workflows for cloud, infrastructure, identity, AI, or agent

What Success Looks Like

Success in this role means shaping how Cerebras secures the systems behind AI training, inference, model serving, customer workloads, and agentic automation. You will turn emerging AI and agent risks into reusable security architecture, safer identity and authorization models, scoped tool access, runtime containment, secure software delivery paths, automated policy validation, high-signal telemetry, and controls that engineering teams can adopt by default.