BetterUp
The Principal AI Security Engineer is a strategic individual contributor role responsible for advancing BetterUp’s product and application security posture across our AI-powered SaaS platform. This role operates at the intersection of secure engineering, AI governance, and regulatory alignment—guiding security by design in product development and scaling key security initiatives including ISO 42001 readiness, bug bounty programs, and customer-driven assurance.
Serving as a technical thought leader and security domain expert, this role partners closely with Engineering, Product, and AI/ML teams to embed secure development practices into the SDLC, proactively manage risk, and drive customer trust through continuous improvement of our product security capabilities.
Key Responsibilities
Translate emerging regulatory frameworks (e.g., ISO 42001, SOC2, OWASP ASVS) and customer assurance requirements into actionable engineering enhancements. Define and guide the secure design and implementation of features across web, mobile, and AI-powered services, ensuring security is embedded early in the product lifecycle. Scale and lead the bug bounty and vulnerability disclosure programs, partnering with researchers and triage teams to drive rapid remediation and learning loops. AI and Application Security Enablement
Partner with AI/ML teams to assess, mitigate, and monitor risks unique to GenAI and AI/ML model integration, including prompt injection, data leakage, and model manipulation. Provide deep expertise in secure coding practices, threat modeling, design reviews, and static/dynamic analysis to Engineering teams delivering core user-facing functionality. Serve as a security SME for AI-centric features, helping teams align with AI governance, privacy, and ethical use frameworks. Cross-Functional Collaboration
Work closely with internal teams (Product Managers, Engineering Leads, and Platform teams) as well as external partners to ensure alignment of security goals with product roadmaps. Serve as a bridge between security, compliance, and engineering—translating external regulatory and customer drivers into technical security requirements. Actively influence product development timelines and risk prioritization through strategic participation in design, architecture, and sprint planning forums. Security Architecture & Technical Advisory
Lead application-level security architecture reviews and define secure patterns for authentication, authorization, data protection, and API security. Evaluate new technologies and services for security risks and support secure vendor selection and integration. Contribute to and help evolve BetterUp’s secure development lifecycle and product security engineering standards. Qualifications
8+ years of experience in application and product security roles within cloud-native and SaaS environments, with a strong emphasis on securing AI/ML systems, models, and data pipelines. Proven success delivering security enhancements with SOC2, NIST, OWASP, CIS Benchmarks; with a huge plus with ISO 42001. Hands-on experience with SAST/DAST tooling, threat modeling, secure code review, and vulnerability management pipelines. Experience collaborating with internal stakeholders (including the product, engineering and go-to-market teams) as well as external partners to ensure alignment of security goals with product roadmaps. Demonstrated ability to influence engineering teams and drive secure design decisions without formal authority. Strong understanding of secure development practices for distributed systems, microservices, APIs, and data pipelines. Bonus: experience supporting or operating bug bounty or coordinated vulnerability disclosure programs. Skills & Competencies
Strategic and pragmatic thinking with the ability to balance risk and product velocity. Technical depth in modern cloud-native architectures and software development lifecycles. Clear, concise communication skills for engaging engineers, executives, and customers. Comfort with ambiguity and evolving regulatory standards in AI security and governance. Passion for mentoring and sharing knowledge across cross-functional teams. AI at BetterUp
Our team thrives at the intersection of human expertise and AI capability. As an AI-forward company, adaptation and continuous learning are part of our daily work. We're looking for teammates who are excited to evolve alongside technology – people who experiment boldly, share their discoveries openly, and help define best practices for AI-augmented work. Benefits
Access to BetterUp coaching; one for you and one for a friend or family member. A competitive compensation plan with opportunity for advancement. Medical, dental, and vision insurance. Flexible paid time off. All federal/statutory holidays observed. 4 BetterUp Inner Workdays. 5 Volunteer Days to give back. Learning and Development stipend. Company wide Summer & Winter breaks. Year-round charitable contribution of your choice on behalf of BetterUp. 401(k) self contribution. BetterUp Inc. provides equal employment opportunities (EEO) to all employees and applicants for employment without regard to race, color, religion, sex, national origin, disability, genetics, gender, sexual orientation, age, marital status, veteran status. In addition to federal law requirements, BetterUp Inc. complies with applicable state and local laws governing nondiscrimination in employment in every location in which the company has facilities. This policy applies to all terms and conditions of employment, including recruiting, hiring, placement, promotion, termination, layoff, recall, transfer, leaves of absence, compensation, and training. The base salary range for this role is $232,000- $366,000.
#J-18808-Ljbffr
Translate emerging regulatory frameworks (e.g., ISO 42001, SOC2, OWASP ASVS) and customer assurance requirements into actionable engineering enhancements. Define and guide the secure design and implementation of features across web, mobile, and AI-powered services, ensuring security is embedded early in the product lifecycle. Scale and lead the bug bounty and vulnerability disclosure programs, partnering with researchers and triage teams to drive rapid remediation and learning loops. AI and Application Security Enablement
Partner with AI/ML teams to assess, mitigate, and monitor risks unique to GenAI and AI/ML model integration, including prompt injection, data leakage, and model manipulation. Provide deep expertise in secure coding practices, threat modeling, design reviews, and static/dynamic analysis to Engineering teams delivering core user-facing functionality. Serve as a security SME for AI-centric features, helping teams align with AI governance, privacy, and ethical use frameworks. Cross-Functional Collaboration
Work closely with internal teams (Product Managers, Engineering Leads, and Platform teams) as well as external partners to ensure alignment of security goals with product roadmaps. Serve as a bridge between security, compliance, and engineering—translating external regulatory and customer drivers into technical security requirements. Actively influence product development timelines and risk prioritization through strategic participation in design, architecture, and sprint planning forums. Security Architecture & Technical Advisory
Lead application-level security architecture reviews and define secure patterns for authentication, authorization, data protection, and API security. Evaluate new technologies and services for security risks and support secure vendor selection and integration. Contribute to and help evolve BetterUp’s secure development lifecycle and product security engineering standards. Qualifications
8+ years of experience in application and product security roles within cloud-native and SaaS environments, with a strong emphasis on securing AI/ML systems, models, and data pipelines. Proven success delivering security enhancements with SOC2, NIST, OWASP, CIS Benchmarks; with a huge plus with ISO 42001. Hands-on experience with SAST/DAST tooling, threat modeling, secure code review, and vulnerability management pipelines. Experience collaborating with internal stakeholders (including the product, engineering and go-to-market teams) as well as external partners to ensure alignment of security goals with product roadmaps. Demonstrated ability to influence engineering teams and drive secure design decisions without formal authority. Strong understanding of secure development practices for distributed systems, microservices, APIs, and data pipelines. Bonus: experience supporting or operating bug bounty or coordinated vulnerability disclosure programs. Skills & Competencies
Strategic and pragmatic thinking with the ability to balance risk and product velocity. Technical depth in modern cloud-native architectures and software development lifecycles. Clear, concise communication skills for engaging engineers, executives, and customers. Comfort with ambiguity and evolving regulatory standards in AI security and governance. Passion for mentoring and sharing knowledge across cross-functional teams. AI at BetterUp
Our team thrives at the intersection of human expertise and AI capability. As an AI-forward company, adaptation and continuous learning are part of our daily work. We're looking for teammates who are excited to evolve alongside technology – people who experiment boldly, share their discoveries openly, and help define best practices for AI-augmented work. Benefits
Access to BetterUp coaching; one for you and one for a friend or family member. A competitive compensation plan with opportunity for advancement. Medical, dental, and vision insurance. Flexible paid time off. All federal/statutory holidays observed. 4 BetterUp Inner Workdays. 5 Volunteer Days to give back. Learning and Development stipend. Company wide Summer & Winter breaks. Year-round charitable contribution of your choice on behalf of BetterUp. 401(k) self contribution. BetterUp Inc. provides equal employment opportunities (EEO) to all employees and applicants for employment without regard to race, color, religion, sex, national origin, disability, genetics, gender, sexual orientation, age, marital status, veteran status. In addition to federal law requirements, BetterUp Inc. complies with applicable state and local laws governing nondiscrimination in employment in every location in which the company has facilities. This policy applies to all terms and conditions of employment, including recruiting, hiring, placement, promotion, termination, layoff, recall, transfer, leaves of absence, compensation, and training. The base salary range for this role is $232,000- $366,000.
#J-18808-Ljbffr