Principal Engineer, AI Security

Lila Sciences Lila Sciences · AI Frontier · One Charles Park, Cambridge, MA · Business Operations

Principal Engineer, AI Security role focused on defining and driving the technical strategy for securing AI usage across Lila's enterprise. This role partners with IT and business teams to ensure safe and compliant adoption of AI tools and platforms, focusing on protecting sensitive data, intellectual property, and scientific workflows. Responsibilities include defining security controls and guardrails for AI tools, designing AI gateway and agentic gateway security, conducting red teaming and adversarial testing, developing data protection controls, integrating AI security into enterprise security layers, threat modeling, vendor assessment, and incident response.

What you'd actually do

  1. Define and implement security controls and guardrails for the use of AI tools (e.g., LLM APIs, SaaS AI platforms, and internal AI services) across the organization.
  2. Design and implement AI gateway controls to manage and monitor access to external and internal AI systems.
  3. Conduct red teaming and adversarial testing focused on enterprise AI usage, including prompt injection, data exfiltration, jailbreaks, and abuse of connected tools and plugins.
  4. Develop and enforce controls to prevent sensitive data leakage through AI systems, including input/output filtering, data classification, tokenization, and secure handling of prompts, embeddings, and outputs.
  5. Integrate AI security into existing enterprise security layers: network visibility and control over AI service access, API traffic inspection, and zero trust enforcement; endpoint security for developer machines, research environments, browsers, and plugins; data layer controls ensuring proper handling of sensitive data when interacting with AI systems.

Skills

Required

  • 8+ years of experience in information security
  • strong expertise in enterprise, cloud, or application security
  • Hands-on experience designing and implementing security controls in enterprise environments
  • Familiarity with AI/ML systems and how modern AI tools (LLMs, copilots, APIs) are used in practice
  • Experience with cloud platforms (AWS/GCP), SaaS security, and zero trust architectures
  • Experience with data protection technologies (e.g., DLP, data classification, access controls)
  • Practical experience with threat modeling, red teaming, or adversarial testing
  • Strong communication and influence skills across technical and non-technical stakeholders

Nice to have

  • Experience securing enterprise use of LLMs, copilots, or generative AI platforms
  • Familiarity with AI gateways, prompt filtering, or model interaction controls
  • Experience evaluating or securing third-party AI vendors and APIs
  • Background in regulated environments (biotech, healthcare, defense, or government)
  • Experience with browser security, endpoint controls, or SaaS security platforms
  • Knowledge of privacy-enhancing technologies or confidential computing
  • Contributions to AI/ML security research or community

What the JD emphasized

  • security controls and guardrails
  • AI gateway
  • agentic workflows
  • tool-use constraints
  • data leakage
  • input/output filtering
  • prompt injection
  • data exfiltration
  • model misuse
  • unauthorized agent actions
  • third-party AI vendors
  • regulatory requirements

Other signals

  • securing enterprise AI usage
  • AI security strategy
  • AI gateway controls
  • agentic workflow security
  • AI red teaming
  • data protection for AI