Senior Staff Security Engineer, AI

• Drive the AI Security technical strategy and roadmap, defining how Ripple secures its AI systems, governs agentic workflows, and embeds security controls into the AI development lifecycle from day one.
• Design and implement security controls for LLM-integrated and agentic AI systems, including sandboxing, identity and permission scoping, runtime monitoring, and containment of autonomous agent actions that exceed authorized scope.
• Own AI security across the Controlled Agentic SDLC, establishing security guardrails, AI provenance standards, dual-review requirements, and audit trail controls for AI-assisted development across Ripple Engineering.
• Lead the security review and risk assessment of all AI integrations entering production, including LLM APIs, SaaS copilots, AI code editors, agentic workflows, third-party MCP servers, and vendor-embedded AI.
• Build and scale Ripple's Shadow AI detection capability, surfacing unsanctioned AI usage, driving adoption of the AI acceptable use policy, and ensuring all AI workflows operate within Ripple's auditable perimeter.
• Serve as Ripple's go-to technical resource on agentic AI risks, including MCP server security, tool poisoning, prompt injection at the orchestration layer, and excessive agency in multi-agent systems, translating emerging threats into concrete mitigations with Engineering and Product.
• Shape Ripple's external AI security posture, contributing to industry frameworks, engaging regulators, and publishing research that establishes Ripple as a credible voice in responsible AI security., * The opportunity to build in a fast-paced start-up environment with experienced industry leaders
• A learning environment where you can dive deep into the latest technologies and make an impact. A professional development budget to support other modes of learning.
• Thrive in an environment where no matter what race, ethnicity, gender, origin, or culture they identify with, every employee is a respected, valued, and empowered part of the team.
• In-office collaboration for moments that matter is important to our culture, and we give managers and teams the flexibility to decide which 10+ days a month they come in.
• Bi-weekly all-company meeting - business updates and ask me anything style discussion with our Leadership Team
• We come together for moments that matter which include team offsites, team bonding activities, happy hours and more!

Do you have experience in AI models?, * 10+ years of Security Engineering experience with demonstrated depth in at least two domains, such as Product Security, Cloud Security, or Security Operations, and meaningful hands-on exposure to AI or ML security in practice.

• Solid understanding of AI and LLM security concepts, including prompt injection, jailbreaks, data poisoning, model extraction, RAG manipulation, and agentic risks such as tool poisoning, excessive agency, and MCP server vulnerabilities.
• Experience securing agentic AI systems, including sandboxing, permission scoping, human-in-the-loop design, or runtime monitoring for autonomous workflows.
• Fluency with core Security Engineering domains including cloud security on AWS, GCP, or Azure, CI/CD pipeline security, container and Kubernetes security, IAM, and API security, with the ability to reason about how these apply in AI-specific contexts.
• Strong threat modeling instincts, whether using STRIDE, MITRE ATLAS, OWASP LLM Top 10, or your own approach, and comfort applying frameworks to architectures where the playbook remains in development.
• Experience in FinTech, crypto, or other highly regulated environments is a strong plus, ideally with exposure to frameworks like NYDFS, MAS, DORA, or SOC 2 as they relate to AI adoption.
• Proven ability to work across teams, influence technical direction without direct authority, and bring structure to problems that span Engineering, Product, and Security.
• A genuine builder's mentality. You are energized by problems without established playbooks, comfortable building in ambiguity, and motivated by raising the bar in an area that is still being defined.

Pulled from the full job description

• Parental leave
• Health insurance
• Cell phone reimbursement
• Happy hour
• Opportunities for advancement, * Competitive salary, bonuses, and equity
• Competitive benefits that cover physical and mental healthcare, retirement, family forming, and family support
• Employee giving match
• Mobile phone stipend

Take Care of Yourself

• R&R days so you can rest and recharge
• Generous wellness reimbursement and weekly onsite & virtual programming
• Generous vacation policy - work with your manager to take time off when you need it
• Industry-leading parental leave policies. Family planning benefits.
• Catered lunches, fully-stocked kitchens with premium snacks/beverages, and plenty of fun events

Benefits listed above are for full-time employees.

Ripple is an Equal Opportunity Employer. We're committed to building a diverse and inclusive team. We do not discriminate against qualified employees or applicants because of race, color, religion, gender identity, sex, sexual identity, pregnancy, national origin, ancestry, citizenship, age, marital status, physical disability, mental disability, medical condition, military status, or any other characteristic protected by local law or ordinance. Please find our UK/EU Applicant Privacy Notice and our California Applicant Privacy Notice for reference.

At Ripple, we're building a world where value moves like information does today. It's big, it's bold, and we're already doing it. Through our crypto solutions for financial institutions, businesses, governments and developers, we are improving the global financial system and creating greater economic fairness and opportunity for more people, in more places around the world. And we get to do the best work of our career and grow our skills surrounded by colleagues who have our backs. If you're ready to see your impact and unlock incredible career growth opportunities, join us, and build real world value., As a Senior Staff Security Engineer focused on AI Security, you will be Ripple's deepest technical expert at the intersection of artificial intelligence and security. This is a purpose-built, high-impact individual contributor role that spans two critical mandates: securing AI systems that Ripple builds and operates, and harnessing AI to make Ripple's security function faster, smarter, and more scalable. You will lead the technical strategy for AI security across the agentic SDLC, define and operationalize guardrails for LLM and agentic AI adoption, and build AI-powered security tooling in close partnership with the broader organization to embed AI security into how Ripple operates every day. You will also shape Ripple's external posture on AI security, contributing to industry standards, regulatory discussions, and Ripple's published security practices.