Principal AI Security Engineer

We do. We can’t cram it all in here, but you’ll start noticing it from the first interview.

Even our candidate experience is different. And when you get an offer from us (and accept it), you get way more than a paycheck. You get a personal BetterUp Coach, a development plan, a trained and coached manager, the most amazing team you’ve ever met (yes, each with their own personal BetterUp Coach), and most importantly, work that matters.

This makes for a remarkably focused and fulfilling work experience. Frankly, it’s not for everyone. But for people with fire in their belly, it’s a game-changing, career-defining, soul-lifting move.

If that sounds exciting—and the job description below feels like a fit—we really should start talking.

The Principal AI Security Engineer is a strategic individual contributor role responsible for advancing BetterUp’s product and application security posture across our AI-powered SaaS platform. This role operates at the intersection of software engineering, AI/ML implementation, product development and secure engineering, driving the design and delivery of secure product and AI features that power our coaching platform.

Serving as a technical thought leader and security domain expert, this role partners closely with Engineering, Product, and AI teams to ship features and embed secure development practices into the SDLC, proactively manage risk, and ensure our capabilities meet customer needs and security standards.

• Partner with Product and Engineering teams to design, build, and ship AI features across BetterUp's customer-facing platform, with a focus on Ruby on Rails and modern web technologies and ensure security is embedded early in the product lifecycle.

• Drive engineering excellence through code reviews, technical documentation, and establishing best practices for AI feature development and AI security.

• Contribute to and help evolve GitHub workflows, including code releases, release notes automation, feature flag management, and deployment pipelines.

• Lead application-level security architecture roadmap reviews and define secure patterns for authentication, authorization, data protection, and API security.

• Evaluate new technologies and services for security risks and support secure vendor selection and integration.

• Contribute to and help evolve BetterUp’s secure development lifecycle and product security engineering standards.

• Partner with AI/ML teams to assess, mitigate, and monitor risks unique to GenAI and AI/ML model integration, including prompt injection, data leakage, and model manipulation.

• Provide deep expertise in secure coding practices, threat modeling, design reviews, and static/dynamic analysis to Engineering teams delivering core user-facing functionality.

• Serve as a security SME for AI-centric features, helping teams align with AI governance, security, and ethical use frameworks (e.g. ISO 42001).

• Serve as a technical advisor and thought partner to Product Managers and Engineering Leads on product security strategy and implementation approaches.

• Mentor engineers on AI/ML best practices, secure coding patterns, and modern software development techniques.

• Participate actively in design reviews, sprint planning, and architecture discussions to influence product direction

• 8+ years of experience in software engineering, with 4-5 years experience with a strong emphasis in the AI/ML space

• 5+ years Ruby on Rails; experience with modern web frameworks, APIs, and cloud-native architectures.

• Hands-on experience with SAST/DAST tooling, threat modeling, secure code review, and vulnerability management pipelines.

• Experience collaborating with internal stakeholders (including the product, engineering and go-to-market teams) as well as external partners to ensure alignment of security goals with product roadmaps.

• Demonstrated ability to influence engineering teams and drive secure design decisions without formal authority.

• Security awareness and experience implementing secure coding practices, conducting threat modeling, or building features with data protection requirements.

• Bonus: experience supporting or operating bug bounty or coordinated vulnerability disclosure programs.

• Strategic and pragmatic thinking with the ability to balance risk and product velocity.

• Technical depth in modern cloud-native architectures and software development lifecycles.

• Clear, concise communication skills for engaging engineers, executives, and customers.

• Comfort with ambiguity and evolving regulatory standards in AI security and governance.

• Passion for mentoring and sharing knowledge across cross-functional teams.

Our team thrives at the intersection of human expertise and AI capability. As an AI-forward company, adaptation and continuous learning are part of our daily work. We're looking for teammates who are excited to evolve alongside technology – people who experiment boldly, share their discoveries openly, and help define best practices for AI-augmented work. These professionals thoughtfully integrate AI into their work to deliver exceptional results while maintaining the human judgment and creativity that drives real innovation. During our interview process, you’ll have opportunities to showcase how you harness AI to learn, iterate, and amplify your impact.