Artera

Senior Application Security Engineer, AI & Product Security

Artera | $146K — $175K *
Information Technology
5 - 7 years of experience
Job Overview by Ladders

Qualifications

  • 6-10 years in Application Security with a hands-on engineering approach
  • Experience with LLM and agent security, including OWASP LLM Top 10 and MITRE ATLAS
  • Expertise in constructing end-to-end threat models for production platforms
  • Familiarity with SAST, DAST, and pipeline scanning tools in CI/CD environments
  • Experience in translating security policies into infrastructure-as-code (Terraform)
  • Strong background in AWS cloud environments; knowledge of GCP or Azure is beneficial
  • Experience working in regulated environments such as healthcare or fintech

Responsibilities

  • Conduct comprehensive AI threat modeling for agentic and LLM-powered features
  • Develop secure SDLC guardrails and implement PHI/PII handling workflows
  • Integrate SAST, DAST, and other security scanning into CI/CD pipelines
  • Identify and pilot AI monitoring tools to enhance security coverage
  • Translate security policies into practical safe tool-use patterns for teams
  • Collaborate with DevOps and engineering teams to navigate security implementation
  • Manage AWS identity and access patterns, and contribute to security tooling decisions

Benefits

  • Full health benefits covering medical, dental, and vision
  • Flexible spending accounts and paid life insurance policies
  • Company-paid short-term and long-term disability insurance
  • Equity in the company and a 401(k) retirement plan
  • Generous time-off policy including company holidays and flexible vacation options
  • Opportunities for career development through management and employee development programs
  • Employee Resource Groups fostering an inclusive workplace environment

Full Job Description

Senior Application Security Engineer, AI & Product Security

ABOUT THE OPPORTUNITY

Artera is seeking a hands-on Senior Application Security Engineer, AI & Product Security to work alongside our AI builders and Systems Engineers to threat-model agentic and LLM-powered features, harden PHI/PII-handling workflows, and ship the "paved road" tooling (secure SDLC guardrails, prompt/agent-identity patterns, SAST/DAST/SCA in CI/CD) that keeps innovation fast and safe.

This is a frontier role. You'll be operating where AI security is still being defined - translating policy into code, building guardrails for agent identity and prompt/output filtering, and giving our team the logging, scanning, and safe tool-use patterns. Artera Security finds the secure path and ships it with our AI Builders and System Engineers.

This role is based in our Seattle, WA office. In-person collaboration is intentional - you'll be working shoulder-to-shoulder with our AI builders, Systems Engineers, and security leadership as we build Artera's Seattle tech hub.

This role supports federal-facing systems and contributes to enterprise security functions. Candidates must meet eligibility for a government background check and follow strict data protection, access control, and incident response protocols. Familiarity with regulatory frameworks is expected. Ongoing compliance training and evidence-based documentation may be required.

Responsibilities

  • AI Threat Modeling: Threat-model agentic and LLM-powered features end-to-end: data ingress/egress, agent identity, tool-use boundaries, and the unique risks that come with frontier AI work
  • Paved Road Tooling: Build the secure SDLC paved road - secure SDLC guardrails, prompt/agent identity patterns, secrets management, PHI/PII redaction patterns
  • Security Gates: Embed SAST, DAST, SCA, and infrastructure scanning into CI/CD so security gates are part of the pipeline, not an afterthought
  • AI Monitoring Strategy: Identify and pilot an AI monitoring tool to fill the gap our current tooling (Zscaler) doesn't cover
  • Policy -> Practice: Translate existing security policy into safe tool-use patterns for the Artera Primitives team, Systems Engineers, and other AI Builder squads
  • Cross Functional Partnership: Partner cross-functionally with DevOps, Systems Engineering, and the AI builder teams - meeting AI Builders and engineers in the middle and finding the secure path forward, not the "no" path
  • Security Ownership: Own AWS identity and access management patterns, secrets management, and security tooling decisions in our AWS environment. Collaborate with System Engineers / DevOps on implementation.
  • Security Framework Application: Apply frameworks like MITRE ATT&CK, MITRE ATLAS, OWASP Top 10, and OWASP LLM Top 10 to architectural decisions.


Requirements

  • AppSec Tenure: 6-10 years in Application Security, with a hands-on engineering orientation
  • LLM & Agent Security: Demonstrable experience with LLM and agent security - OWASP LLM Top 10, MITRE ATLAS, prompt/output filtering, agent identity, and tool-use risk
  • Threat Modeling Expertise: You've built end-to-end threat models for production platforms and translated them into corrective controls
  • Pipeline Scanning Tools: SAST, DAST, and infrastructure scanning tools in production CI/CD environments
  • Shift-Left Security Experience: Taking policy, codifying it as infrastructure-as-code (Terraform), and gating CI/CD pipelines on security findings
  • Cloud Depth: Significant AWS experience (GCP or Azure background acceptable; AWS is learnable, but cloud depth is required)
  • Regulated Environment Experience: Background in regulated environments - healthcare (HIPAA/HITRUST), federal (FedRAMP), or fintech (PCI)
  • Collaborative Communicator: Strong cross-functional communicator; able to partner with engineers and AI builders and find the secure path together.


Bonus

  • Agentic AI Modeling: Direct experience threat modeling agentic AI systems (rare - but if you have it, you're the cherry on top)
  • Agentic Platform Exposure: AWS Agent Core, MCP, or similar agent-platform exposure
  • Growth Stage AI Experience: Experience at a growth-stage company (~50-500 people) that has already adopted agentic AI
  • Fintech to Agentic Path: Background in fintech transitioning into agentic systems (a common path into this kind of work today)
  • AI Monitoring Tool Ownership: Past ownership of an AI monitoring tool rollout or evaluation


$146,000 - $175,000 a year

The compensation for this role will be based on level of experience and the geographic tier in which you are located. This position also comes with equity and a variety of benefits.

OUR APPROACH TO WORK LOCATION

Artera has hybrid office locations in Santa Barbara, CA, and Philadelphia (Wayne), PA, where team members typically come in three days a week. Specific frequency can vary depending on your team's needs, manager expectations and/or role responsibilities.

In addition to our U.S. office locations, we are intentionally building geographically concentrated teams in several key metropolitan areas, which we call our "Hiring Hubs." We are currently hiring remote candidates located within the following hiring hubs:

- Boston Metro Area, MA
- Chicago Metro Area, IL
- Denver Metro Area, CO
- Kansas City Metro Area (KS/MO)
- Los Angeles Metro Area, CA
- San Francisco / Bay Area, CA
- Seattle Metro Area, WA

This hub-based model helps us cultivate strong local connections and team cohesion, even in a distributed environment.

To be eligible for employment at Artera, candidates must reside in one of our hybrid office cities or one of the designated hiring hubs. Specific roles may call out location preferences when relevant.

As our hubs grow, we may establish local offices to further enhance in-person connection and collaboration. While there are no current plans in place, should an office open in your area, we anticipate implementing a hybrid model. Any future attendance expectations would be developed thoughtfully, considering factors like typical commute times and access to public transit, to ensure they are fair and practical for the local team.

WORKING AT ARTERA

Company benefits - Full health benefits (medical, dental, and vision), flexible spending accounts, company paid life insurance, company paid short-term & long-term disability, company equity, voluntary benefits, 401(k) and more!

Career development - Manager development cohorts, employee development funds

Generous time off - Company holidays, Winter & Summer break, and flexible time off

Employee Resource Groups (ERGs) - We believe that everyone should belong at their workplace. Our ERGs are available for identifying employees or allies to join.

About Artera

WellCare Health Plans, Inc. is an American health insurance company that provides managed care services primarily through Medicaid, Medicare Advantage and Medicare Prescription Drug plans for members across the United States. WellCare began operations in 1985 and has its headquarters in Tampa, Florida. It became a subsidiary of Centene Corporation in January 2020.