Staff Security Engineer (AI Platform)
Jobgether · Canada
Internet Marketplace Platforms · 11-50 employees
About the role
Own the end-to-end security posture, administration, and operational governance of enterprise AI platforms. Develop automation tools and frameworks to enable secure AI adoption while mitigating risks like prompt injection and data exposure.
What they look for
Requirements
Requires 8+ years of experience in security or DevOps engineering with a strong focus on managing enterprise AI platforms and cloud-native environments like GCP. Proficiency in Python or TypeScript and a deep understanding of AI-specific security risks are essential.
Benefits
Full description
This position is listed on behalf of a partner company, who manages all applications and next steps. Our partner is looking for a Staff Security Engineer (AI Platform) based in Canada.
This role offers the opportunity to define and secure the future of enterprise AI adoption through advanced platform engineering and security practices.You will own the end-to-end security posture of AI platforms, helping teams leverage emerging technologies safely, efficiently, and responsibly.The position combines cybersecurity, DevOps, AI infrastructure, automation, and governance in a fast-moving technology environment.You will build the frameworks, tools, and processes that enable secure AI usage across the organization while anticipating future challenges.As a staff-level individual contributor, you will influence technical strategy, create scalable solutions, and establish best practices from the ground up.This is an opportunity to make a significant impact by bridging innovation and security while shaping how organizations adopt AI responsibly.
\n
Accountabilities:
- Own the administration, security posture, and operational governance of enterprise AI platforms, ensuring secure, scalable, and effective adoption across teams.
- Monitor AI platform roadmaps, product updates, vendor communications, and policy changes to proactively prepare for upcoming capabilities and risks.
- Manage AI platform configurations, organizational settings, access controls, and governance processes using infrastructure-as-code and version-controlled practices.
- Maintain secure API key management, secrets hygiene, and identity provisioning workflows, including SSO and SCIM integrations.
- Build financial visibility tools, dashboards, and reporting systems to track AI usage, costs, trends, and return on investment across teams.
- Develop automation solutions and internal AI tooling, including MCP servers and agent-based workflows, to extend AI capabilities securely.
- Write and maintain production-quality code using languages such as Python and/or TypeScript for automation, dashboards, integrations, and platform improvements.
- Identify and mitigate AI-specific security risks, including prompt injection, sensitive data exposure, and unexpected AI system behaviors.
- Partner with AI governance, security, and business teams to implement technical controls, provide guidance, and improve AI adoption practices.
- Serve as a technical advisor on AI platform architecture, security considerations, operational risks, and emerging best practices.
Requirements:
- 8+ years of experience in security engineering, IT engineering, DevOps, or similar roles with significant security ownership.
- Strong hands-on experience managing enterprise AI platforms, including administration, configuration, governance, and organizational controls.
- Experience with DevOps practices such as Git-based configuration management, CI/CD workflows, and infrastructure-as-code approaches.
- Strong understanding of AI security risks, including prompt injection, data leakage, agentic AI failure modes, and incident response strategies.
- Proficiency in Python and/or TypeScript with experience building automation tools, dashboards, integrations, or production systems.
- Experience working with cloud-native environments, particularly GCP or similar cloud platforms.
- Familiarity with identity and access management solutions, including SSO and SCIM provisioning in SaaS environments.
- Strong understanding of secure platform administration and operational best practices.
- Excellent written and verbal communication skills, with the ability to explain complex technical concepts to non-technical stakeholders.
- Strong collaboration skills and a team-oriented mindset with the ability to influence across multiple functions.
- Experience building or operating MCP servers, AI agent workflows, financial analytics tools, or governance-related programs is a plus.
Benefits:
- Flexible remote-first work environment with opportunities for team meetups and collaboration events.
- Monthly stipend to support coworking spaces, phone, and internet expenses.
- Stock options with extended flexibility for exercising options over time.
- Fully covered health, vision, and dental insurance premiums for employees and dependents.
- Flexible paid time off policy to support work-life balance and personal well-being.
- Paid parental leave, including extended support for new parents.
- Opportunity to work on cutting-edge AI security and infrastructure challenges.
- Collaborative culture focused on innovation, trust, ownership, and continuous growth.
- Chance to influence AI adoption strategies and build foundational systems from the ground up.
\nHow Jobgether works:
We use an AI-powered matching process to ensure your application is reviewed quickly, objectively, and fairly against the role's core requirements. Our system identifies the top-fitting candidates, and this shortlist is then shared directly with the hiring company. The final decision and next steps (interviews, assessments) are managed by their internal team.
We appreciate your interest and wish you the best!
Why Apply Through Jobgether?
Data Privacy Notice: By submitting your application, you acknowledge that Jobgether will process your personal data to evaluate your candidacy and share relevant information with the hiring employer. This processing is based on legitimate interest and pre-contractual measures under applicable data protection laws (including GDPR). You may exercise your rights (access, rectification, erasure, objection) at any time.
#LI-CL1