Principal Engineer - Secure AI

Target · Retail · NCD-0375 Brooklyn Park, MN

Principal Engineer focused on the security of AI systems and platforms within an enterprise retail environment. The role involves assessing AI architectures, models, agents, and infrastructure for security risks, developing validation strategies, evaluating controls, and providing recommendations for mitigation. Expertise in LLM security, threat modeling, and secure development practices is required.

What you'd actually do

  1. Collaborate with AI platform, product, and engineering teams to evaluate the security posture of AI systems throughout their lifecycle
  2. Assess AI architectures, models, agents, and supporting infrastructure to identify security risks, vulnerabilities, and design weaknesses
  3. Develop and execute security validation strategies for AI systems, including threat modeling, attack simulation, and adversarial testing
  4. Evaluate the effectiveness of existing security controls, guardrails, and mitigations protecting AI applications and platforms
  5. Identify emerging AI-specific threats, attack techniques, and vulnerabilities, and communicate their potential business impact

Skills

Required

  • Cybersecurity domains including Information Protection, Cloud Security (GCP strongly preferred), Networking Security, IAM, Automation, and SIEM
  • LLM security expertise (RAG, MCP, input validation, sandboxing, etc.)
  • In-depth understanding of the OWASP Top 10 for Large Language Model Applications
  • Expertise in AI and ML
  • Understanding of prompt injection and its various styles (direct, indirect, RAG poisoning, etc.)
  • Understanding of MCP auth patterns including dynamic client registration
  • Knowledge of RAG authorization patterns
  • Understanding of OAuth roles and flows
  • Experience mitigating the security risks of local coding agents
  • Solid understanding of containerization technologies and tools

Nice to have

  • Polyglot programmer comfortable in many languages across different platforms

What the JD emphasized

  • highly technical
  • deep expertise in AI security
  • threat modeling
  • security controls
  • testing methodologies
  • industry standards
  • LLM Security expertise
  • In-depth understanding of the OWASP Top 10 for Large Language Model Applications
  • Expertise in AI and ML
  • Understanding of prompt injection and its various styles
  • Knowledge of RAG authorization patterns
  • Experience mitigating the security risks of local coding agents

Other signals

  • AI security
  • threat modeling
  • security controls
  • testing methodologies
  • industry standards
  • LLM Security
  • OWASP Top 10 for Large Language Model Applications
  • prompt injection defenses
  • agent security
  • supply chain security
  • data protection
  • model security