AI Security Engineer

Join Fortinet, a cybersecurity pioneer with over two decades of excellence, as we continue to shape the future of cybersecurity and redefine the intersection of networking and security. At Fortinet, our mission is to safeguard people, devices, and data everywhere.

Fortinet is seeking an experienced and innovative AI Security Engineer to join our Corporate Information Security team. As an AI Security Engineer, you will play a crucial role in ensuring the security, safety, and privacy of our AI-driven applications while collaborating with cross-functional teams and providing technical expertise.

Key Responsibilities:

• Serve as an AI security subject matter expert who provides guidance to internal teams
• Work closely with development teams, conduct code reviews, perform AI Red Teaming assessments, to identify vulnerabilities in existing codes and new features, and participate in architectural reviews to ensure security is considered early in the development lifecycle.
• Perform threat modeling for AI-related products, such as chatbots, MCPs implementations, and autonomous agents.
• Integrate Security and AI-Specific checks into CI/CD workflows to automate security testing and ensure consistent application of best practices.
• Develop, implement, and communicate vulnerability mitigation strategies
• Develop strategies, evaluate solutions, design and implement tools, processes and controls to ensure that security, safety and privacy are designed in Fortinet AI applications.
• Develop and maintain security guardrails, input/output filters, and policy enforcement layers for LLM interactions
• Proactively research new attack vectors on AI applications that may affect Fortinet applications and infrastructure.
• Be part of a global distributed team to share knowledge, workload and assignments. Strong sense of teamwork is required. Coach peers in AI/ML security concepts and best practices.

Minimum Qualifications

• 7+ years of work experience as an Information security, product security, application security, AI/ML or data science related fields.
• Strong understanding on LLM Based Application architectures, technologies, frameworks, and foundational concepts like training, vector databases, memory, tool usage, MCP, Agentic AI, Guardrails etc.
• Solid understanding on current attacks on ML models, including adversarial examples, prompt injection, training data extraction, model extraction, and data poisoning.
• Solid understanding on LLM moderation, prompt engineering and guardrails.
• Strong understanding on OWASP TOP 10 and OWASP LLM Top 10 risks.
• Strong understanding of common API security risks
• Strong understanding on Cloud-Native application architecture, microservices, containerization technologies, secure deployment and implementation issues.
• Proven experience in manual application penetration testing
• Proven experience in security code review
• Strong foundation in computer and network security, authentication & authorization, security protocols and applied cryptography
• Solid understanding on CI/CD pipelines, build systems and DevSecOps principles.
• Experience defining security architecture patterns and standards in a large enterprise organization.
• Experience with cloud-based security solutions and familiarity with cloud service providers, particularly in relation to AI Security
• Experience working with threat modeling methodologies such as STRIDE, MAESTRO etc.
• Solid understanding of OAuth and JWT implementations.
• Ability to organize & communicate effectively, both written and verbal, with technical and non-technical people across functional teams
• A BS degree in Computer Science, Cyber Security, other tech-related degree, or equivalent experience.

Ways to Stand Out

• MS or PhD in, Artificial Intelligence or related field
• Experience in AI Red teaming or adversarial testing of AI/ML applications.
• Use of AI in vulnerability research or some other offensive domain
• Experience analyzing AI-generated code for security issues
• Demonstrated experience in MLops or Deep learning related infrastructure
• Understanding of data science, statistical analysis, and visualization
• Background of AI Trust principles and familiarity with application of ethical and safety perspectives to AI implementations.
• Strong understanding on EU AI Act, GDPR, ISO 42001 or NIST AI RMF like frameworks.

About Our Team:

Join our team, known for its collaborative ethos, working seamlessly with global customers, internal engineering teams and product development groups. Our team culture emphasizes continuous learning, innovation, and a strong commitment to customer satisfaction. We embrace Fortinet's core values of openness, teamwork and innovation, fostering an environment where team members support each other, share knowledge, and leverage AI to solve complex technical challenges. Our inclusive and dynamic team thrives on collaboration and is driven by the shared goal of maintaining Fortinet's high standards of excellence in cybersecurity solutions.

Why Join Us:

We encourage candidates from all backgrounds and identities to apply. We offer a supportive work environment and a competitive Total Rewards package to support you with your overall health and financial well-being. Embark on a challenging, enjoyable, and rewarding career journey with Fortinet. Join us in bringing solutions that make a meaningful and lasting impact to our 660,000+ customers around the globe.

The US base salary range for this full-time position is $160,000-$220,000. Fortinet offers employees a variety of benefits, including medical, dental, vision, life and disability insurance, 401(k), 11 paid holidays, vacation time, and sick time, as well as a comprehensive leave program.

Wage ranges are based on various factors, including the labour market, job type, and job level. Exact salary offers will be determined by factors such as the candidate's subject knowledge, skill level, qualifications, experience, and geographic location.

All roles are eligible to participate in the Fortinet equity program. Bonus eligibility is reviewed at the time of hire and annually at the Company's discretion.