AI-Application Security Engineer

What You'll Be Doing The AI-Application Security Engineer is responsible for implementing and scaling technical security controls and security processes across internally developed applications and AI-enabled systems. This role partners directly with engineering teams to embed security into the software development and AI lifecycles, and, in partnership with the AI-Application Security Architect, contributes to detailed technical design and operationalizes security architecture, standards, and secure-by-design practices. This engineer operates with moderate autonomy, leads security initiatives end-to-end, and contributes to the evolution of application and AI security capabilities. The role requires strong hands‑on technical depth in secure software development, application security testing, vulnerability management, and emerging AI security risks, including prompt injection, model abuse, insecure integrations, and data leakage. What We're Looking For In partnership with the AI-Application Security Architect, contribute to detailed technical design and operationalize security architecture, standards, and approved security patterns across application and AI-enabled systems. Partner directly with engineering teams to embed security controls and secure-by-design practices into the software development lifecycle and AI lifecycle. Evaluate, test, and perform technical validation of AI and application security tools, including AI red teaming, AI and MCP gateways, DAST, SAST, SCA, API security, and mobile application security capabilities. Implement, integrate, tune, and scale security tooling across application and AI environments, including runtime monitoring, governance controls, testing platforms, and posture management capabilities, with a focus on coverage, signal quality, and operational effectiveness. Leverage AI and automation to scale security operations, vulnerability management, and developer enablement through technologies such as Python, AWS services, and CI/CD pipelines. Triage, validate, and prioritize vulnerabilities identified through application and AI security tools, assess risk in business and technical context, and partner with engineering teams to drive timely remediation. Provide hands‑on guidance to developers, including low‑code and no‑code users, on secure development practices, platform‑specific risks, secure integration patterns, and remediation approaches. Support the security review and risk assessment of AI platforms, models, agents, skills, MCPs, and third‑party integrations by applying defined controls, documenting risk decisions, and helping establish scalable onboarding and governance practices. Develop, maintain, and improve secure coding standards, implementation guidance, guardrails, and technical documentation for both application and AI use cases. Stay current on emerging cybersecurity threats, particularly in AI security, and incorporate relevant mitigations into security tooling, engineering practices, and control design. Contribute to a strong security engineering culture by mentoring junior engineers, sharing technical knowledge, and helping mature application and AI security practices across the organization. What You'll Bring Understanding of application and AI security principles, methods, and technologies, including AI-specific risks such as prompt injection, model abuse, insecure agentic integrations, and data leakage. Strong analytical and problem‑solving skills with the ability to identify and mitigate security risks across both traditional application and AI-enabled systems. Strong verbal and written communication and collaborative skills. Ability to effectively communicate technical topics to technical and non‑technical audiences. Ability to prioritize workload and consistently meet deadlines. Security architecture, threat modeling, secure design. Strong analytical and problem‑solving skills. Education & Experience Minimum Required: Bachelor's degree in Computer Science, Information Systems, Cybersecurity, Computer Engineering, Software Engineering, or a related combination of education and experience. Minimum Required: 2+ years of information security or software development experience. Licenses & Credentials Preferred: CISSP, CSSLP, GIAC or similar. Systems & Technology Preferred: C#, Angular, Python programming experience. Preferred: Experience in cloud platforms, AWS, Github. Experience with application security tooling; SAST, DAST, SCA, API, Mobile, Red Team. Experience with AI tools (AI Coding assistants, Skills, MCPs, Agents). At Stifel we offer an entrepreneurial environment, comprehensive benefits package to include health, dental and vision care, 401k, wellness initiatives, life insurance, and paid time off. Stifel is an Equal Opportunity Employer. #J-18808-Ljbffr Stifel Financial Corp.