We are actively seeking a Staff AI Security Engineer to join our team. Reporting to the CISO, you will define and evolve our AI security strategy to protect highly sensitive mental health data across both product and corporate environments. Please note that this is a hybrid role based in San Francisco, with an expectation to be in the office 2-3 days per week at our 2 Embarcadero Ctr. location. Candidates must be based in the San Francisco metro area or able to relocate independently within 90 days of their start date. Occasional travel will be required for team on-sites. What you'll do - Define and evolve our AI security strategy to protect highly sensitive mental health data across both product and corporate environments - Lead secure design and threat modeling for AI systems including LLMs, agentic workflows, and retrieval pipelinesIdentify and mitigate risks such as prompt injection, data exfiltration, model abuse, and privilege escalation - Build scalable AI security guardrails and tooling that enable safe experimentation across engineering and business teams - Establish AI-specific governance frameworks covering identity, access control, auditability, and observability - Take ownership of and lead our AI Red Team to proactively identify vulnerabilities - Design and implement AI observability pipelines to detect anomalous model behavior and policy violations in near real-time - Develop and operationalize AI incident response playbooks to ensure rapid containment of security eventsPartner with product and engineering teams to enable responsible AI innovation in a hyper-growth environment - Champion a culture of secure AI development by mentoring engineers and defining high standards for the organization What success looks like in this role - 80% of new AI product features are threat modeled prior to GA - 80% of AI features are tested by the AI Red Team or equivalent adversarial testing before GA - Achieve >=70% coverage of production AI features with automated LLM vulnerability testingGrow participation in the AI Red Team by 10% YoY - Develop AI incident response playbooks and conduct at least one AI-focused tabletop or live simulation per year What you'll bring - 10+ years experience in a software engineering discipline, with at least 5+ years focused on security - Hands-on experience securing AI/ML systems, including practical AI red teaming against LLMs, agentic workflows, or RAG systems - Experience developing or implementing automated LLM vulnerability testing for prompt injection and data exfiltrationStrong foundation in application security principles, threat modeling, secure design, and identity and access control - Demonstrated ability to build tools and automation with a developer mindset - Experience influencing senior engineers and cross-functional stakeholders across product, legal, and complianceProven track record of mentoring engineers and cultivating a strong security culture across an organization - Strong working knowledge of modern developer tooling, CI/CD pipelines, and git-based collaboration - Ability to operate in ambiguity and translate emerging AI risks into pragmatic, scalable security controls - Deep personal ownership and a passion for advancing AI security through continuous learning The target base salary range for this position is $239,200 - $270,000, and is part of a competitive total rewards package including stock options and benefits. Individual pay may vary from the target range and is determined by a number of factors including experience, location, internal pay equity, and other relevant business considerations. We review all employee pay and compensation programs annually using Radford Global Compensation Databaseat minimum to ensure competitive and fair pay. Benefits provided by Spring Health: Note: We have even more benefits than listed here and below, your recruiter will provide more in-depth information as you continue in the interview process. Benefits are subject to individual plan requirements and eligibility criteria. - Health, Dental, Vision benefits start on your first day at Spring. You and your dependents also receive access to One Medicalaccounts HSA and FSA plans are also available, with Spring contributing up to $1K for HSAs, depending on your plan type. - Employer sponsored 401(k) match of up to 2% for retirement planning - A yearly allotment of no cost visits to the Spring Health network of therapists, coaches, and medication management providers for you and your dependents. - We offer competitive paid time off policies including vacation, sick leave and company holidays. - At 6 months tenure with Spring, we offer parental leave of 18 weeks for birthing parents and 16 weeks for non-birthing parents. - Access to Noom, a weight management program-based in psychology, that's tailored to your unique needs and goals. - Access to fertility care support through Carrot, in addition to $4,000 reimbursement for related fertility expenses. - Access toWellhub, which connects employees to the best options for fitness, mindfulness, nutrition, and sleep in one subscription - Access to BrightHorizons, which provides sponsored child care, back-up care, and elder care - Up to $1,000 Professional Development Reimbursement a year. - $200 per year donation matching to support your favorite causes. Not sure if you meet every requirement? Research shows that women and people from historically underrepresented communities often hesitate to apply for roles unless they meet every qualification compared to other similarly-qualified candidates. At Spring Health, we are committed to fostering a workplace where everyone feels valued, empowered, and supported to Thrive. If this role excites you, we encourage you to apply. Ready to do the most impactful work of your life? Learn more about our values, what it's like to work here, and how hypergrowth meets impact at Spring Health: Our Values Our privacy policy: https://springhealth.com/privacy-policy/