L5 Security Engineer specializing in Generative AI (GenAI) Security
Job description
We seek a talented L5 Security Engineer specializing in Generative AI (GenAI) Security to join our team. This role is critical to identifying and managing the risks posed by existing and emerging GenAI threats within Netflix.
You will help drive the development of scalable technical security controls that enhance business agility and reduce risk. In this role, your primary focus will be on GenAI Security for workforce-related business scenarios.
This Workforce Security Engineer role primarily focuses on securing Netflix's workforce-facing GenAI initiatives, particularly third-party solutions for business productivity scenarios such as low-code/no-code agents and RAG enterprise search. Key responsibilities include identifying and mitigating GenAI threats, educating stakeholders, and providing direct security support to internal partners. The engineer will focus on evaluating the security posture of third-party GenAI products and their integration with internal/external systems (via MCP, OAuth, etc.). This will be done by conducting risk-based security assessments, developing hardening guides and remediation strategies, and performing technical validation via threat modeling, penetration testing, code review (when possible), and control-based attestation using classical Third Party Risk Management (TPRM) techniques.
The role also involves scaling our team's security capabilities by prototyping new tooling, leveraging GenAI for security automation, and performing build-vs-buy evaluations.
Finally, the role requires strong business acumen to translate complex technical risks into clear business risks for stakeholders, informing trade-off decisions. Operational duties include standard business-hours support for Workforce Security Operations and infrequent 24/7 Incident Response participation.
Requirements
- Ability to learn and spin up rapidly on quickly evolving GenAI solutions and security concerns
- Some exposure to commercially available GenAI solutions related to search (RAG) and low-code/no-code agentic solutions from major third-party AI vendors (any of: Anthropic, OpenAI, Google, Microsoft)
- High-level understanding of Machine Learning/AI fundamentals and architecture, including MCP, A2A, and LLMs
- High-level understanding of GenAI Governance
- GenAI threat taxonomy knowledge (OWASP GenAI Top 10)
- Threat Modeling/Penetration Testing/Code Review/Code Comprehension Skills
- Familiarity with modern GenAI development tools and techniques
- Familiarity with Third-Party Risk Management (TPRM) methodologies
- Scripting (must be able to script, not to production level, and use of GenAI is sufficient)
- Autonomously drives work delivery (bias to action)
- Cross-functional collaboration skills
- High-level familiarity with the functionality of commercially available corporate security tooling in the areas of endpoint, identity, data, and vendor security.
- Ability to navigate ambiguity by taking strategic goals and decomposing them into actionable project plans
- Using measurement and metrics to drive decision-making and outcomes
Benefits & conditions
- Value a deeply collaborative team.
- Use data to inform your judgment, and to support and communicate your decisions.
- Effectively communicate complex subjects to our internal customers and partners.
- Enjoy taking full ownership of open-ended problems, from concept to product, and effectively managing your own time.
- Care about improving the systems around you and leaving things better than you found them.
- Believe a diverse and inclusive team is a critical aspect of a sustainable and effective work environment.
- Empathize with your customers, and have an interest in the overall product lifecycle.
- Challenge the status quo and seek to find novel and customer-centric ways to solve problems.
Generally, our compensation structure consists solely of an annual salary; we do not have bonuses. You choose each year how much of your compensation you want in salary versus stock options. To determine your personal top of market compensation, we rely on market indicators and consider your specific job family, background, skills, and experience to determine your compensation in the market range. The range for this role is $400,000.00 - $680,000.00. This compensation range will vary based on location.
Netflix provides comprehensive benefits including Health Plans, Mental Health support, a 401(k) Retirement Plan with employer match, Stock Option Program, Disability Programs, Health Savings and Flexible Spending Accounts, Family-forming benefits, and Life and Serious Injury Benefits. We also offer paid leave of absence programs. Full-time hourly employees accrue 35 days annually for paid time off to be used for vacation, holidays, and sick paid time off. Full-time salaried employees are immediately entitled to flexible time off. See more details about our Benefits here.
Netflix is a unique culture and environment. Learn more here.