[Remote] Staff Information Security Engineer - AI First
Note: The job is a remote job and is open to candidates in USA. Rithum is the world’s most trusted commerce network, accelerating how brands, suppliers, and retailers work together to deliver seamless e-commerce experiences. As a Staff AI-First Information Security Engineer, you will be responsible for designing security controls and monitoring for an AI-First workforce, automating security tooling, and ensuring that AI adoption does not create unseen risks. This role combines building and automating with traditional security responsibilities, requiring close collaboration with various teams.ResponsibilitiesAct as the bridge between architectural intent and operational reality; mediate conflicts between security requirements and feasible implementation, propose compensating controls where gaps exist and help register, track and remediate residual risksImplement preventive, default-on security controls across cloud and enterprise environments, codified as policy- and infrastructure-as-code so security is enforced by design, including controls that govern how AI tools and models may be usedImplement and enforce identity and access controls to an agreed standard, including access boundaries for AI systems and non-human/agent identities by partnering with Platform Engineering and IT to align tooling and policy to the architectureAssist in maintaining the InfoSec risk register; track emerging threats and translate them into actionable guidance for engineering teamsSupport third-party and vendor risk assessments, with a focus on vendors who process data through AI pipelinesAutomate repetitive security workflows (evidence collection, access reviews, alert enrichment) and build or operate AI-assisted security agents — with human-in-the-loop approval gates, least-privilege credentials, and explicit attention to each agent's own blast radiusIntegrate security tooling (SIEM, CSPM, DAST/SAST, vulnerability scanners) with LLM layers to surface actionable insight and automated responsesDefine and enforce security requirements for AI-powered features: model access controls, prompt-injection mitigations, output validation, and data-handling boundariesConduct threat modelling on agentic and LLM-based systems, accounting for novel attack surfaces such as tool misuse, indirect prompt injection, and supply chain riskSkills5+ years of security engineering experience with demonstrated AI/ML security depth (prompt injection, model supply chain, adversarial inputs, RAG)Experience using AI tools (ChatGPT, Copilot, Claude, etc.) and LLM frameworks and APIs (OpenAI, Anthropic, LangChain, or similar) to accelerate and elevate your workHands-on identity and access expertise across modern enterprise and cloud identity stacks, including access models for AI systems and non-human identitiesInfrastructure and policy-as-code (e.g. Terraform, OPA/Rego) and proficiency in a scripting language for automation (Python preferred)Cloud security expertise: AWS Solutions Architect / Security Specialty or equivalent demonstrated expertise, including multi-account governance, preventive guardrails, and policy-as-codeApplication security (OWASP Top 10 and the OWASP LLM/GenAI Top 10, secure SDLC) and threat-modelling methodologies (STRIDE, PASTA, or equivalent). Practical experience building or operating AI agents, and integrating security tooling (SIEM, CSPM, SAST/DAST/SCA) so it surfaces action rather than raw alertsWorking knowledge of SOC 2 and/or ISO 27001 control frameworksExperience building or operating AI agents in a production environmentAwareness of privacy regulation (GDPR/CCPA) as it touches AI including privacy-by-design and DPIAsRed teaming or adversarial ML research backgroundsExperience implementing privileged-access, key-management, posture-management, or data-protection programsExperience with EDR, CASB, DLP, Security automation and SAST, DAST, IAST and SCA toolsCloud Architecture or Security certifications (CCSK, TAISE, AWS)BenefitsMedical, dental and vision benefits: Affordable health care plans and company HSA contributions, starting on Day 1A 6% 401(k) matchCompetitive time off package with 20 days of Paid Time Off, 9 Company-Paid holidays, 2 paid floating holidays, 7 paid sick days, 2 Wellness days, and 1 Paid Volunteer Day; at 3 years of service PTO increases to 22 days, and at 5 years it increases to 25 days12 weeks primary caregiver leave & 4 weeks secondary caregiver leaveAccident, critical illness, and hospital indemnity insurancePet insuranceLegal assistance and identity theft insurance plansLife insurance 2x salaryAccess to the Calm app and the Employee Assistance Program$65/month Remote work stipend for internetCulture and team-building activitiesTuition assistanceCareer development opportunitiesCharitable contribution match up to $250 per yearDiscretionary bonus for non-sales rolesRemote-first working conditionsGenerous time offWellness daysCompany OverviewRithum is a provider of cloud-based e-commerce fulfillment and marketing solutions for large retailers, marketplaces, and consumer brands. It was founded in 1997, and is headquartered in Atlanta, Georgia, USA, with a workforce of 501-1000 employees. Its website is https://www.rithum.com.Company H1B SponsorshipRithum has a track record of offering H1B sponsorships, with 2 in 2025, 3 in 2024. Please note that this does not guarantee sponsorship for this specific role.