Senior Staff Platform and Product Security AI Engineer

Adobe Adobe · Enterprise · San Jose, CA

Senior Staff AI Security Engineer at Adobe Express, responsible for defining and executing the security strategy for AI-enabled product and technology frameworks. This role involves influencing security roadmaps, providing build-vs-buy recommendations, and implementing durable security mechanisms for AI products. Key responsibilities include architecting secure guardrails for AI-assisted development, securing AI coding assistants, leading production agent security (prompt injection defense, tool-use sandboxing, data isolation), and driving DevSecOps automation across the SDLC. The role also involves translating compliance requirements into engineering controls and tracking adoption metrics.

What you'd actually do

  1. Architect secure-by-default guardrails for AI-assisted development.
  2. Design and scale security guardrails for modern engineering workflows: CI/CD pipelines, policy-as-code, developer tooling, PR feedback, and secure-by-default platform patterns.
  3. Define and enforce security controls for AI coding assistants and tools, including safer permissions, sandboxing, credential protections, across various surfaces including web, desktop, mobile and backend infrastructure.
  4. Drive DevSecOps and automation across the SDLC, including PR feedback, SAST/SCA, secrets scanning, infrastructure-as-code review, container security, and SBOM intelligence.
  5. Establish reusable security standards, security skills, secure coding rules, and paved-road patterns that product teams can adopt without inventing their own approach.

Skills

Required

  • Security engineering
  • AI security
  • Product security
  • Threat modeling
  • API security
  • Input validation
  • SSRF prevention
  • Vulnerability management
  • Secure SDLC practices
  • Python
  • Java
  • TypeScript
  • Go
  • AI/agent frameworks
  • DevSecOps
  • CI/CD
  • Policy-as-code
  • SAST/SCA
  • Secrets scanning
  • Infrastructure-as-code review
  • Container security
  • SBOM intelligence
  • Prompt injection defense
  • Tool-use sandboxing
  • Data isolation
  • Communication skills
  • Planning skills
  • Attention to detail
  • Judgment

Nice to have

  • CISSP
  • CCSP
  • Security certification

What the JD emphasized

  • security strategy and execution
  • AI security engineering
  • ship securely at scale
  • move security from advisory mentorship to embedded controls
  • secure-by-default AI coding configurations
  • agent harness guardrails
  • automated SDLC checks
  • sandboxed agent execution
  • measurable vulnerability reduction
  • production agent security
  • runtime prompt-injection defense
  • tool-use sandboxing
  • multi-tenant data isolation
  • agent output handling
  • trust boundaries
  • Track adoption, coverage, remediation speed, developer friction, and residual risk
  • 12+ years of experience in security engineering
  • track record of securing large-scale products and engineering platforms
  • Practical expertise in one or more languages such as Python, Java, TypeScript, Go, or similar
  • Experience with AI/agent frameworks
  • Experience maturing security ideas from prototype into production grade

Other signals

  • AI security strategy and execution
  • secure-by-default AI coding configurations
  • agent harness guardrails
  • automated SDLC checks
  • sandboxed agent execution
  • measurable vulnerability reduction