AI Product security Engineer

Distro, Inc.

Job Overview

Location

Michigan

Job Type

Full-time

Full Job Description

📋 Description

• As a Senior AI Security Engineer at Distro, Inc., you will serve as the in-house expert on AI security threat models and standards, playing a critical role in securing the company’s expanding use of GenAI developer tools, IDE/CLI agents, desktop agents, and MCP-based workflows. Your work will directly minimize bespoke review overhead by standardizing evaluation and governance processes, ensuring that AI tools are safely approved and operated at scale through enforceable guardrails and capability-based frameworks.
• You will apply and operationalize the OWASP Top 10 for LLM Applications and Agentic Applications (2026) to real-world systems, creating client-specific mappings for required controls and approval conditions. This includes leading AI security testing that is fast, thorough, and AI-accelerated, designing and conducting adversarial evaluations for agentic tools, and building automated test harnesses, reproducible PoCs, and regression suites to validate security across new releases.
• Your responsibilities extend to shaping client-side defenses and reference architectures by defining minimum bar guardrail architectures for AI developer tooling, collaborating with other security teams to ensure policies are enforceable (not just documented), and standardizing vendor and model onboarding through reusable artifacts like standard security and telemetry requirements and default trust tiers.
• You will provide guidance for hosting open-source models, promote developer-facing clarity and adoption by publishing and maintaining clear guidance on desktop agents vs IDE/CLI agents, and clarifying safe defaults versus behavior restrictions with measurable outcomes. Additionally, you will conduct office hours and enablement sessions to align stakeholders on a shared playbook, fostering organizational alignment and continuous learning.
• On a day-to-day basis, you will collaborate closely with engineering teams and EngSe partners to establish consistent, capability-based frameworks for AI tool approval and operation. You will deliver clear outputs including reproduction steps, severity rationale, mitigations, vendor requests, and guardrails, while advocating for systemic fixes. You will also develop policy-as-code, evaluation automation, and security gates for tool onboarding, and engage vendors to influence product improvements based on security findings.
• This role offers the opportunity to deepen expertise in cutting-edge AI security domains, including agentic systems, MCP-style integrations, and LLM-based threat modeling. You will achieve cross-team alignment on scalable security standards, influence vendor product roadmaps, and help shape industry-best practices for AI tool governance in enterprise environments.
• You will gain hands-on experience building automated security testing infrastructure, creating reproducible exploit PoCs, and translating technical findings into actionable guidance for developers and leadership. Your work will directly impact the safety and reliability of AI-powered development workflows used across the organization.
• By joining Distro, Inc., you will become part of a forward-thinking team committed to responsible AI innovation, where your contributions will help establish trustworthy, secure, and scalable AI tooling practices that balance innovation with risk mitigation.

🎯 Requirements

• 8+ years in security engineering (AppSec, offensive security, or security architecture), including 1+ years focused on GenAI/LLM/agentic security
• Proven expertise in the OWASP LLM Top 10 and applying it to real systems
• Proven expertise in agentic system risks and applying the OWASP Agentic Top 10 (2026)
• Experience in secure software architecture
• Strong hands-on skills for executing and explaining complex security testing, including reproducible PoCs and clear mitigations
• Proven ability to write scalable standards and achieve cross-team alignment
• Excellent communication skills with senior engineers and security specialists

🏖️ Benefits

• Opportunity to work on cutting-edge AI security challenges involving GenAI developer tools, IDE/CLI agents, desktop agents, and MCP-based workflows
• Influence vendor product improvements through direct engagement and security feedback
• Build reusable artifacts such as policy-as-code, evaluation automation, and security gates for tool onboarding
• Shape enterprise-wide AI governance frameworks and reference architectures
• Conduct office hours and enablement sessions to promote developer-facing clarity and adoption
• Work in a remote-friendly environment with a focus on impact and innovation

Skills & Technologies

Remote

Ready to Apply?

Apply Externally

You will be redirected to an external site to apply.

Distro, Inc.

Visit Website

About Distro, Inc.

Distro provides an AI‑powered global hiring platform that automates resume vetting, candidate screening and matching, interview scheduling, contractor payments and payroll/EOR services to help companies recruit and onboard talent across 200+ countries.

View Company Profile

Get more remote jobs like this

Subscribe to the weekly newsletter for similar remote roles and curated hiring updates.

Weekly remote jobs and featured talent.

No spam. Only curated remote roles and product updates. You can unsubscribe anytime.