AI Security Engineer
ChatGPT Jobs · Palo Alto, CA · 6 days ago
Information TechnologyFull-time
About the role
AI is the fastest-moving attack surface in the enterprise. Copilot, ChatGPT Enterprise, Gemini, Claude, and a wave of agentic tools are being wired into corporate SaaS faster than security teams can keep up — with broad OAuth scopes, opaque data flows, and non-human identities acting on behalf of employees. Obsidian sits directly in the path of this shift.
Responsibilities
- Develop deep expertise in how AI platforms (ChatGPT Enterprise, Copilot, Gemini, Claude, Glean, agentic frameworks) authenticate, what scopes they request, and where risk concentrates.
- Research emerging AI attack techniques — prompt injection, tool/agent misuse, RAG poisoning, over-permissioned integrations — and turn them into detections and posture checks.
- Build threat models covering identity, data access, non-human identities, and integration risk.
- Prototype and ship product features end-to-end against Obsidian's AI and SaaS telemetry.
- Build and improve data pipelines for high efficiency, development velocity, and low cost.
Requirements
- 3+ years in security engineering as a builder, with clear ownership of shipped work.
- Strong grasp of identity and access control concepts.
- Hands-on experience with a modern data stack (DBT and a columnar warehouse or query engine such as ClickHouse, Snowflake, BigQuery, or Databricks).
- Clear communicator across engineers, PMs, and customer security teams.
Nice to have
- Strong grasp of how SaaS platforms (Google Workspace, Microsoft 365, Salesforce, Okta) expose data — APIs, event schemas, permissions, auth flows.
- Deep knowledge of AI and SaaS security — OWASP LLM Top 10, MITRE ATLAS, prompt injection, agent/tool-use risks, OAuth abuse, and identity models across major AI and SaaS platforms.
Location
Palo Alto, CA On-site, Remote