Application Security Engineer at xAI

On-site - Palo Alto, CA

Apply
More jobs at xAI

xAI is a technology-driven company focused on creating AI systems that understand the universe. We are seeking a skilled and innovative Application Security Engineer to ensure the security and integrity of our cloud-native applications and systems throughout the software development lifecycle, with a particular focus on code security, CI/CD pipelines, and emerging AI technologies.

Salary

USD 100,000 - 258,000

Requirements

Skills

  • Bachelor's degree in Computer Science, Cybersecurity, or a related field
  • 3-5 years of experience in application security, with a strong focus on code security practices
  • Deep understanding of secure coding practices, application security frameworks, and common vulnerabilities (e.g., OWASP Top 10)
  • Proficiency in Python or Rust programming languages and experience with secure coding practices in these languages
  • Experience securing CI/CD pipelines and implementing DevSecOps practices
  • Familiarity with software supply chain security and SBOM generation tools
  • Experience with security testing tools (e.g., Burp Suite, OWASP ZAP) and static/dynamic code analysis
  • Understanding of AI/ML security implications, particularly those outlined in the OWASP LLM Top 10
  • Excellent communication skills, able to explain complex security issues to both technical and non-technical audiences
  • Experience with cloud platforms (e.g., GCP, AWS, Azure) and their security features
  • Relevant security certifications (e.g., CSSLP, OSWE)
  • Background in data privacy and compliance regulations relevant to cloud-native applications and AI systems
  • Experience with GitOps and infrastructure-as-code security
  • Familiarity with federated learning and privacy-preserving machine learning techniques
  • Experience in building custom security tooling to enhance and automate security processes
  • Interest in leveraging AI to automate security tasks and improve efficiency
  • Contributions to open-source security projects or tools
  • Experience in securing AI/ML models and data pipelines

Responsibilities

  • Conduct in-depth code reviews and static analysis to identify and mitigate security vulnerabilities in our applications
  • Design and implement secure coding guidelines and best practices for development teams
  • Collaborate closely with development teams to integrate security practices throughout the CI/CD pipeline
  • Perform threat modeling and risk assessments for applications, developing mitigation strategies for potential risks
  • Manage vulnerability tracking and remediation efforts, providing guidance to development teams
  • Support incident response activities related to application security
  • Stay current on emerging security threats and trends in cloud-native technologies and AI, continuously enhancing our security measures
  • Evaluate and secure software supply chains, including producing and maintaining Software Bills of Materials (SBOMs)
  • Address security concerns specific to AI and machine learning models, with a focus on the OWASP LLM Top 10

Technologies

PythonRustBurp SuiteOWASP ZAPCI/CD pipelinesDevSecOps practicesSoftware Bills of Materials (SBOMs)GCPAWSAzureGitOpsInfrastructure-as-code securityAI/ML securityOWASP LLM Top 10

See if your resume is ready for this job

See how our AI can optimize your resume and improve your chances for this role.