Security Engineer

About The Position

Requirements

• Strong Engineering Foundation: 2+ years of software engineering experience. You write clean, tested code (Python preferred) and understand the SDLC.
• Security Mindset: Experience looking at a system design and identifying where it might break. You understand concepts like "Least Privilege," "Defense in Depth," and "Input Validation."
• Communication Skills: You can explain a security risk to a Data Scientist without using jargon, and you can explain an ML constraint to a Security Engineer.
• Understanding of AI/ML: You understand the basic components of an AI system (Data Lake -> Training -> Model Registry -> Inference API) and where security fits into that flow.

Nice To Haves

• Experience with AWS or GCP cloud security architecture.
• Experience using or securing Vector Databases or LLM orchestrators (like LangChain).
• Previous experience in an embedded, automotive, or IoT environment (understanding that code eventually runs on a vehicle or physical hardware).

Responsibilities

• Collaborative Design & Validation (The "Consultant-Builder")
• Security Reviews: Partner with AI product teams during the design phase to review architecture. You will ask the hard questions: Where is this data stored? How is this model isolated? What happens if the prompt is malicious?
• Threat Modeling: Participate in (and eventually lead) threat modeling sessions for new ML features. You will help teams identify risks in their RAG (Retrieval-Augmented Generation) pipelines or autonomous training loops.
• Validation: Don't just trust the design; verify it. Work with QA and Engineering to validate that security requirements (like authZ scopes or encryption) are actually implemented correctly in the final code.
• Engineering & Tooling (The "SWE" Core)
• Build "Paved Roads": Write Python or Go libraries that make doing the "secure thing" the "easy thing" for data scientists. (e.g., a library that automatically handles token encryption for ML jobs).
• Automate Compliance: Instead of asking teams to fill out spreadsheets, build automation that scans our Kubeflow/MLflow clusters to verify they meet security baselines.
• Secure Code Contribution: Submit Pull Requests directly to ML repositories to fix vulnerabilities or harden logic, rather than just filing tickets for others to fix.
• Maturing AI Security (The "Growth" Aspect)
• Define Standards: Help write the "Gold Standard" documentation for how to deploy a secure model at Rivian. You will turn tribal knowledge into engineering standards.
• Vulnerability Management: Assist in triaging findings from bug bounties or internal scans related to our AI surface, and track the "Time to Remediate" to help us understand our maturity gaps.
• Research & Proto-typing: Stay ahead of the curve. Spend time researching new AI attacks (like Model Inversion) and prototype defenses to see if they work in our environment.

Benefits

• The successful candidate may be eligible for annual performance bonus and equity awards.
• We offer a comprehensive package of benefits for full-time and part-time employees, their spouse or domestic partner, and children up to age 26, including but not limited to paid vacation, paid sick leave, and a competitive portfolio of insurance benefits including life, medical, dental, vision, short-term disability insurance, and long-term disability insurance to eligible employees. You may also have the opportunity to participate in Rivian’s 401(k) Plan and Employee Stock Purchase Program if you meet certain eligibility requirements. Full-time employee coverage is effective on their first day of employment. Part-time employee coverage is effective the first of the month following 90 days of employment. More information about benefits is available at rivianbenefits.com.