Enterprise AI Security Engineer

Join GitLab as a Senior Security Engineer, leading the development and implementation of robust security frameworks for internal AI/ML systems. You will ensure responsible enterprise AI adoption, safeguard sensitive data, and protect against evolving AI-specific threats—all within a fully remote, asynchronous global environment.

Key Responsibilities

• Design comprehensive security architectures for internal AI systems, including LLMs and AI-powered business applications.
• Monitor and secure Model Context Protocol (MCP) deployments, setting authentication standards and overseeing interactions across tools.
• Architect and implement identity management for non-human entities, enforcing zero-trust and least-privilege access controls.
• Govern and secure employee use of AI assistants (e.g., ChatGPT, Claude) through DLP controls, monitoring, and policy enforcement.
• Collaborate cross-functionally with IT, Legal, Product, and Security teams to drive secure AI adoption and evaluate new tools.

Required Skills & Qualifications

• 5+ years in information security, with 2+ years in enterprise AI/ML security.
• Expertise in enterprise AI adoption, shadow IT risks, and data loss prevention.
• Strong background in identity and access management, including non-human identity governance.
• Experience with service accounts, API keys, secrets management, and automated system authentication.
• Proficiency in cloud security (AWS, GCP, Azure) and scripting languages (Python, Go, Ruby, Node.js).
• Understanding of API security, OAuth, SAML, and modern authentication protocols.
• Excellent communication skills for a transparent and global team culture.
• Preferred: Experience with MCP and enterprise AI platforms (OpenAI, Anthropic, Google Vertex AI, AWS Bedrock).
• Knowledge of browser security, endpoint protection, and remote work security considerations.
• Published research or contributions to enterprise AI security communities are a plus.