Rivian

Staff Security Engineer - AI Security

Rivian$140K — $175K *
Information Technology
Less than 5 years of experience
Job Overview by Ladders

Qualifications

  • Experience in Offensive Security, Red Teaming, or Vulnerability Research, demonstrating an adversarial mindset.
  • Deep understanding of AI/ML systems, particularly in RAG pipelines and security failure modes.
  • Proficiency in application development or security using Python or Go, with knowledge of modern ML frameworks.
  • Ability to communicate complex security risks with clarity to both technical and executive audiences.
  • Contributions to the security or AI community through open-source projects or research are a plus.

Responsibilities

  • Design and execute adversarial assessments on AI systems to test safety boundaries.
  • Challenge and validate AI guardrail mechanisms beyond their intended limits.
  • Evaluate workflows for complex risks such as privilege escalation and injection attacks.
  • Build frameworks for automating adversarial testing and vulnerability discovery.
  • Design AI-driven security tools to enhance the broader cybersecurity efforts.
  • Collaborate with engineering teams to develop and validate remediation strategies.
  • Research emerging AI threats and prototype guardrails for the company's AI ecosystem.

Benefits

  • Paid vacation and sick leave for work-life balance.
  • Comprehensive medical, dental, and vision insurance.
  • Life insurance and both short-term and long-term disability coverage.
  • 401(k) Plan participation options for retirement savings.
  • Employee Stock Purchase Program eligibility for stock ownership opportunities.
Full Job Description
Role Summary

As a Security Engineer at Rivian, you will spearhead the adversarial evaluation of our AI-enabled features and internal platforms. This role will operate across Offensive Security, Secure Architecture, and AI/ML. You will act as one of Cybersecurity Assurance's primary authorities on AI-related risk. You will independently evaluate, challenge, and validate the safety and integrity of these AI initiatives.

You will both break and build, applying attacker mindset & adversarial thinking to challenge the assumptions in our entire AI ecosystem, while simultaneously creating the automated tools and guardrails needed to continuously expose and mitigate critical risks.

Responsibilities

1. Adversarial Evaluation (The "Breaker")
  • AI Red Teaming: Design and execute deep, unconstrained adversarial assessments on our applied AI systems (e.g., voice assistants, RAG services, AI agents), testing safety boundaries and guardrails through offensive security assessments
  • Challenge Assumptions: Push AI guardrail mechanisms beyond their intended limits. Your goal is to determine exactly when and how these controls fail, proving the difference between a system's expected behavior and its actual resilience against an attacker
  • Assess Agentic Workflows: Evaluate multi-agent and LLM-integrated workflows for complex risks such as privilege escalation, unsafe action chaining, direct/indirect prompt injection, and other unintended side effects.

2. Engineering & Automation (The "Builder")
  • Automate adversarial testing: Build AI-driven frameworks to scale our Red Teaming and vulnerability discovery. You will leverage LLMs, anomaly detection, and corpora of attack prompts to enhance our automated coverage.
  • Build Cross-Functional Tooling: Design and operate AI-driven security agents and automated frameworks that amplify the efforts of our broader Cybersecurity organization.
  • Co-Design Defenses: Partner closely with engineering teams to brainstorm, review & validate remediations for the gaps you find


3. Cross-Functional Influence (The "Advocate")

  • Scale AI Security Practices: Threat model AI architectures (LLMs, vector stores, data flows) and build frameworks for continuous AI-driven adversarial testing that scale across all product teams.
  • Proactive Security Research: Stay ahead of the curve. Spend time researching new AI attacks and prototyping guardrails to see if they work in our environment.
  • Foster Security Culture: Collaborate within a cross-functional team to develop relationships, influence senior stakeholders, and drive alignment on AI risk tolerance and mitigation priorities


Qualifications

  • Adversarial Mindset: Experience working in Offensive Security, Red Teaming, Vulnerability Research, Penetration Testing or adjacent role, with a demonstrated ability to evaluate complex systems with the mindset of a determined attacker to find meaningful business impact
  • AI/ML Fluency: Deep understanding of generative AI systems, including RAG pipelines, large language models, vector databases, and multi-agent orchestration frameworks, and their specific security failure modes You don't just know what "Indirect Prompt Injection" is, you know how to bypass filters to achieve it.
  • Engineering Proficiency: Hands-on experience building, testing, or securing applications using Python/Go. You are familiar with modern ML frameworks (like PyTorch, Hugging Face, or LangChain) and bring practical experience utilizing specialized AI red teaming tools (such as Garak or PyRIT).
  • Courage & Clarity: You are unafraid to challenge assumptions or expose uncomfortable truths in service of system safety, and skilled at communicating high-impact risks clearly to executives and technical peers
  • Adversarial Depth: Bonus points if you have contributed to the security or AI community through open-source tools, research, or vulnerability disclosures that demonstrate your depth in adversarial thinking

Pay Disclosure

Salary Range for this role is $140,600 - $175,800 for Georgia based applicants. This is the lowest to highest salary we in good faith believe we would pay for this role at the time of this posting. An employee's position within the salary range will be based on several factors including, but not limited to, specific competencies, relevant education, qualifications, certifications, experience, skills, geographic location, shift, and organizational needs.

The successful candidate may be eligible for annual performance bonus and equity awards.

We offer a comprehensive package of benefits for full-time and part-time employees, their spouse or domestic partner, and children up to age 26, including but not limited to paid vacation, paid sick leave, and a competitive portfolio of insurance benefits including life, medical, dental, vision, short-term disability insurance, and long-term disability insurance to eligible employees. You may also have the opportunity to participate in Rivian's 401(k) Plan and Employee Stock Purchase Program if you meet certain eligibility requirements. Full-time employee coverage is effective on their first day of employment. Part-time employee coverage is effective the first of the month following 90 days of employment. More information about benefits is available at rivianbenefits.com.

About Rivian

Rivian is an American automaker and automotive technology company. Founded in 2009, the company develops vehicles, products and services related to sustainable transportation. Rivian has raised over $10.5 billion since 2019, with investments from Amazon, Ford, and Cox Automotive. The company's first two vehicles, the R1T and R1S, are electric vehicles that are expected to be released in 2021. Rivian has also announced plans to produce electric delivery vans for Amazon. The company has received praise for its focus on sustainability and its commitment to using recycled materials in its vehicles.
Learn more about Rivian
Size
10,000 employees
Market Cap
$16.8 billion
Industry
Founded
2009
NASDAQ

Similar Jobs

More Jobs at Rivian

More Information Technology Jobs

Find similar Staff Security Engineer - AI Security jobs: