Senior Application Security Engineer, AI and Machine Learning

Lightning AI is the company behind PyTorch Lightning. Founded in 2019, we build an end-to-end platform for developing, training, and deploying AI systems—designed to take ideas from research to production with less friction.

Through our merger with Voltage Park, a neocloud and AI Factory, Lightning AI combines developer-first software with cost-efficient, large-scale compute. Teams get the tools they need for experimentation, training, and production inference, with security, observability, and control built in.

We serve solo researchers, startups, and large enterprises. Lightning AI operates globally with offices in New York City, San Francisco, Seattle, and London, and is backed by Coatue, Index Ventures, Bain Capital Ventures, and Firstminute.

• →Perform threat modeling across AI platforms, inference services, and ML pipelines
• →Identify risks such as prompt injection, model extraction, adversarial inputs, and data leakage
• →Review model serving architectures and inference pipelines
• →Partner with ML engineers to secure training, fine tuning, and deployment workflows
• →Help design isolation and security controls for multi tenant AI workloads

• Perform architecture and design security reviews
• Conduct targeted code reviews for high risk components
• Identify security gaps in APIs, micro-services, and distributed systems
• Build secure patterns for authentication, authorization, and service to service communication
• Help engineering teams implement secure defaults and guardrails

• Secure customer facing inference APIs and services
• Protect against abuse, model extraction, and adversarial behavior
• Design rate limiting, isolation, and workload protection controls
• Build monitoring and detection for anomalous inference behavior

• Evaluate open source models and dependencies
• Secure model artifacts and distribution pipelines
• Implement integrity validation and provenance controls
• Help secure container images and runtime environments

• Build security automation for AI and application pipelines
• Integrate security scanning into CI/CD workflows
• Develop tooling to help engineers detect and fix issues early
• Improve developer experience with security guardrails

• Strong background in application security engineering
• Experience performing threat modeling and architecture reviews
• Experience securing APIs and distributed systems
• Experience working in cloud environments such as AWS, GCP, or Azure
• Experience with containers and Kubernetes
• Strong scripting or programming skills such as Python, Go, or similar
• Experience working closely with engineering teams to implement security improvements

• Experience securing ML pipelines, inference systems, or data platforms
• Familiarity with risks such as prompt injection, model extraction, and adversarial inputs
• Experience reviewing model serving architectures
• Understanding of training data security and data leakage risks

• Red team or offensive security experience
• Experience crafting payloads and evaluating CVEs for exploitability in diverse environments
• Experience with GPU infrastructure or high performance computing
• Experience with Hugging Face, PyTorch, TensorFlow, or similar frameworks
• Experience with LLM systems, RAG pipelines, or agent frameworks
• Experience building security automation pipelines
• Experience securing multi tenant infrastructure

• Security is embedded into AI platform architecture early
• Engineering teams ship quickly with secure defaults
• Inference platforms are resilient against abuse and extraction
• Model pipelines are secure and auditable
• Security tooling scales with engineering growth

This role sits at the intersection of application security, AI infrastructure, and developer platforms. You will help define how we secure modern AI systems while enabling engineers to move quickly and safely.

You will work closely with engineering leadership and the CISO to build practical, scalable security capabilities that support rapid innovation in AI and machine learning.