Backblaze External Website - Sr. AI Security Engineer

• Agentic AI Safeguards • Architect and implement guardrails for tool-using AI systems, including: • guardrails for tool-using AI systems • Tool access controls and allowlists • Context and memory isolation • Step-level validation of agent actions • OWASP Agentic AI Top 10 • Runtime Security Controls • Build enforcement mechanisms that govern AI behavior at execution time: • enforcement mechanisms • Interceptors, proxies, or middleware for tool/API calls • Policy decision and enforcement layers • Rate limits, execution bounds, and kill-switches • Prevent unsafe or unauthorized actions initiated by AI systems • Non-Human Identity (NHI) • Design and implement identity and access controls for agents and automation, including: • identity and access controls for agents and automation • Short-lived credentials and scoped permissions • Clear separation between human and non-human access • Strong binding of identity to task context and execution • Ensure all AI actions are attributable and auditable • attributable and auditable • Observability & Detection • Implement logging and tracing for AI activity: • logging and tracing for AI activity • Prompts, tool usage, and decision flows • Build detection capabilities using: • Behavioral baselining and anomaly detection techniques • Identify and alert on: • Abnormal tool usage • Suspicious prompt patterns • Unexpected data access • Threat Modeling (MAESTRO) • Perform agentic system threat modeling using MAESTRO, including: • agentic system threat modeling using MAESTRO • Mapping agent capabilities, trust boundaries, and attack paths • Modeling misuse and adversarial scenarios • Translate findings into practical safeguards and detection logic • practical safeguards and detection logic • Protect developers using AI tools by: • Preventing sensitive data exposure • Validating AI-generated code and actions • Constraining unsafe automation • Enable safe usage of AI-assisted development tools (e.g., Claude Code, Codex, Cursor) with: • Claude Code, Codex, Cursor • Security validation layers • Controlled prompting and output handling patterns • The Right Fit: • The Right Fit: • 7+ years in security engineering or backend systems • security engineering or backend systems • Proven experience designing and deploying security controls, such as: • designing and deploying security controls • Runtime enforcement layers (proxies, middleware, policy engines) • Identity and access systems, especially for non-human entities • Strong programming skills (Python preferred; Go, Java, or TypeScript a plus) • Experience using AI-assisted development tools such as Claude Code in real workflows, including understanding associated security risks and safeguards • AI-assisted development tools such as Claude Code • Experience with: • Logging, monitoring, and detection systems • Building or securing API/service interactions • Practical familiarity with: • Agentic AI systems or tool-integrated LLM workflows • OWASP guidance for AI/agent risks • Practitioner Knowledge • Experience applying (not just referencing): • OWASP Agentic AI / LLM risk guidance • NIST AI RMF concepts in real systems • NIST AI RMF • CSA guidance on workload and machine identity • CSA guidance • Strong understanding of: • Zero Trust for non-human identities • Secrets management and credential scoping • Observability tooling (e.g., OpenTelemetry, ELK)