Sr. AI Security Engineer

Backblaze is the object storage leader in the open cloud movement, fueling customer success with cloud storage built purposefully to unlock budgets, unburden administrators, and unleash innovators. Together with our partners, we’re helping customers break free from the restrictive, overpriced legacy solutions that hold them back, and blaze forward with the full power of the open cloud in their hands.

Founded in 2007, we scaled the business with less than $3 million in outside funding until 2021, when we did a traditional IPO on the Nasdaq stock exchange. Today, Backblaze generates over $100m in revenue and is the leading specialized storage cloud - managing over three billion gigabytes of data storage for 500K+ customers in 175+ countries, including businesses, developers, IT professionals, and individuals.

But while there is a lot to celebrate in our past, there is almost as much opportunity ahead of us. We are seeking a Sr. AI Security Engineer to join our team!

Backblaze is seeking a Senior AI Security Engineer to design and implement safeguards for internal AI usage, with a focus on agentic systems, developer protection, and runtime security.

This is a hands-on role for a practitioner who has built and deployed security controls, not just defined policy. You will enable teams to safely use AI by creating enforcement layers, identity controls, and detection capabilities that constrain and monitor AI-driven activity.

• Architect and implement guardrails for tool-using AI systems, including:
• Tool access controls and allowlists
• Context and memory isolation
• Step-level validation of agent actions
• Apply mitigations aligned to the OWASP Agentic AI Top 10 (e.g., prompt injection, unsafe tool use, data leakage, excessive autonomy)

• Build enforcement mechanisms that govern AI behavior at execution time:
• Interceptors, proxies, or middleware for tool/API calls
• Policy decision and enforcement layers
• Rate limits, execution bounds, and kill-switches
• Prevent unsafe or unauthorized actions initiated by AI systems

• Design and implement identity and access controls for agents and automation, including:
• Short-lived credentials and scoped permissions
• Clear separation between human and non-human access
• Strong binding of identity to task context and execution
• Ensure all AI actions are attributable and auditable

• Implement logging and tracing for AI activity:
• Prompts, tool usage, and decision flows
• Build detection capabilities using:
• Behavioral baselining and anomaly detection techniques
• Identify and alert on:
• Abnormal tool usage
• Suspicious prompt patterns
• Unexpected data access

• Perform agentic system threat modeling using MAESTRO, including:
• Mapping agent capabilities, trust boundaries, and attack paths
• Modeling misuse and adversarial scenarios
• Translate findings into practical safeguards and detection logic

• Protect developers using AI tools by:
• Preventing sensitive data exposure
• Validating AI-generated code and actions
• Constraining unsafe automation
• Enable safe usage of AI-assisted development tools (e.g., Claude Code, Codex, Cursor) with:
• Security validation layers
• Controlled prompting and output handling patterns

• 7+ years in security engineering or backend systems
• Proven experience designing and deploying security controls, such as:
• Runtime enforcement layers (proxies, middleware, policy engines)
• Identity and access systems, especially for non-human entities
• Strong programming skills (Python preferred; Go, Java, or TypeScript a plus)
• Experience using AI-assisted development tools such as Claude Code in real workflows, including understanding associated security risks and safeguards
• Experience with:
• Logging, monitoring, and detection systems
• Building or securing API/service interactions
• Practical familiarity with:
• Agentic AI systems or tool-integrated LLM workflows
• OWASP guidance for AI/agent risks

• Experience applying (not just referencing):
• OWASP Agentic AI / LLM risk guidance
• NIST AI RMF concepts in real systems
• CSA guidance on workload and machine identity
• Strong understanding of:
• Zero Trust for non-human identities
• Secrets management and credential scoping
• Observability tooling (e.g., OpenTelemetry, ELK)

• Experience securing internal AI platforms or developer-facing AI tools
• Background in detection engineering, threat hunting, or adversarial testing
• Familiarity with agent frameworks (e.g., LangChain, LlamaIndex)
• Experience mentoring engineers and guiding secure design

At this point, we hope you're feeling excited about the job description you're reading. Even if you don't meet every requirement, we still encourage you to apply. Learning, developing, and growing are key parts of our culture. We're eager to meet people who believe in our mission and can contribute to our team in various ways. We want people to feel comfortable expressing their true selves and to come, stay, and do their best work here.

At Backblaze, we value being fair and good to our customers, partners, and employees. That’s why diversity, equity, and inclusion are at the core of our values. We are committed to fostering a workforce where all employees feel a sense of belonging regardless of race, ethnicity, nationality, gender, sexual orientation, age, religion, socio-economic status, ability, veteran status, and education. We believe that our dedication to cultivating a diverse workspace not only allows us to better serve our customers in over 175 countries, but further reinforces our commitment to doing the right thing. We are proud to be an Equal Opportunity Employer.

To understand more about the data we collect and process as part of your application, please view our Backblaze Employee Privacy Notice.

#LATAM