Senior Security Engineer, AI/ML

Qualys
United States, California, Foster City
919 East Hillsdale Boulevard
Jun 09, 2026

Come work at a place where innovation and teamwork come together to support the most exciting missions in the world!

Company Overview

Qualys is a leading provider of cloud-based security and compliance solutions, processing vast amounts of data to help our global customers secure their networks, devices, and applications. With a strong focus on innovation and scale, Qualys empowers organizations to achieve continuous security and compliance through real-time visibility and analytics. As we continue to grow, we are looking for passionate and skilled professionals to join our mission in redefining the future of cybersecurity.

Position Overview

We are seeking a Senior Security Engineer - AI/ML who sits at the intersection of hands-on AI/ML engineering and offensive security research. You will both build and break: designing and deploying GenAI and agentic systems that power next-generation threat detection, while red teaming those same systems to uncover prompt injection exploits, adversarial inputs, model manipulation, and other emerging AI threats.

This is a senior, dual-mandate role for an engineer who is as comfortable orchestrating multi-agent pipelines and RAG architectures as tearing them apart to find weaknesses. You will set the technical bar for secure-by-design AI at Qualys, mentor other engineers, and translate research into production hardening strategies.

Key Responsibilities

Build

  • Build and deploy GenAI applications using LangChain, LlamaIndex, or similar frameworks, and orchestrate agentic AI workflows with tools such as AutoGen, CrewAI, or custom agent-based architectures.
  • Design, train, and evaluate ML models from scratch, spanning both classical ML and deep learning, and develop end-to-end pipelines for ingestion, preprocessing, training, evaluation, and deployment.
  • Implement and optimize RAG pipelines using embeddings and vector databases (e.g., FAISS, Pinecone, Qdrant), with security and data-leakage controls built in from the start.
  • Write robust backend APIs in Python to serve models, process data, and integrate with cloud infrastructure; monitor model performance, latency, and accuracy in production and iterate continuously.

Break

  • Conduct in-depth research on security vulnerabilities in LLMs and AI systems, including prompt injection, jailbreaks, data leakage, model theft, and adversarial attacks.
  • Design and execute offensive security assessments and red teaming campaigns against GenAI and ML-powered systems, including the agentic pipelines built in-house.
  • Identify and classify novel threat vectors targeting model inference, training pipelines, and model-serving architectures.
  • Contribute to and build internal tooling for scanning, fuzzing, and automating LLM vulnerability discovery.

Lead & Communicate

  • Collaborate cross-functionally with product and engineering teams to design secure AI-powered features and define hardening strategies.
  • Develop proof-of-concepts, technical whitepapers, or blog posts on emerging threats and best practices; monitor threat intelligence and academic research on AI model security and supply chain risks.
  • Represent Qualys in security and AI research communities through speaking, publishing, or standardization efforts, and mentor engineers on secure AI development.

Required Qualifications

  • 6+ years of combined experience across software engineering / machine learning and security research, penetration testing, or exploit development, with a focus on application or cloud security.
  • Strong programming skills in Python, including building APIs and backend components, plus scripting and automation for testing and PoC development.
  • Experience training ML models using Scikit-learn, TensorFlow, or PyTorch, and a strong working knowledge of LLM architectures (transformers, embeddings, fine-tuning, RAG).
  • Hands-on experience with LangChain, LlamaIndex, or other GenAI frameworks, and with building multi-agent or autonomous AI workflows.
  • Familiarity with GenAI-specific risks such as prompt injection, model evasion, hallucination-based exploits, data leakage, or model theft, and with LLM deployment scenarios (e.g., OpenAI, HuggingFace, custom-hosted models) and their threat surfaces.
  • Ability to analyze logs, API interactions, inference responses, and prompt chains to identify anomalous or risky behavior.
  • Working knowledge of SQL, Pandas, and large-scale data processing, with experience developing and deploying ML systems in Agile environments.
  • Strong analytical mindset, excellent technical writing skills, and familiarity with responsible disclosure practices, bug bounty programs, or security research ethics.

Preferred Qualifications

  • Background in AI/ML security red teaming or adversarial ML.
  • Knowledge of vector database risks, insecure RAG pipelines, model fingerprinting, and AI model supply chain attacks.
  • Experience using or contributing to tools such as AutoGen, CrewAI, MetaGPT, Guardrails.ai, LLM Guard, or Tracer.
  • Familiarity with LLMs such as GPT-4, Claude, Mistral, LLaMA, or Falcon, and integrating them via APIs.
  • Experience with cloud platforms (AWS, GCP, Azure), containerized deployments, and MLOps tooling for monitoring, retraining, and CI/CD automation.
  • Familiarity with Secure SDLC and threat modeling frameworks (e.g., STRIDE, MITRE ATLAS) and AI-specific security checklists.
  • Publications or presentations at conferences such as Black Hat, DEF CON, USENIX, NeurIPS, or OWASP, and contributions to AI/ML projects in security, compliance, or enterprise applications.

Our Work Environment

  • Collaborative & Transparent: We use virtual collaboration and pairing tools to share ideas openly. Siloed work is discouraged - teamwork is our strength.
  • Agile & Flexible: We focus on delivering incremental value, adapting processes only when they serve our goals.
  • Diverse & Inclusive: We believe in building teams with diverse perspectives, which fuels creativity and innovative problem-solving.
  • People-Focused: Our people are our most valuable asset. We invest in personal growth and align individual strengths to company objectives.

Why Join Us?

  • Leadership Impact: Help drive a security-first culture and shape the defense landscape of next-generation AI systems at global scale.
  • Cutting-Edge Technology: Build and harden real-world LLM, GenAI, and agentic systems on scalable, cloud-native infrastructure.
  • Professional Growth: Access broad resources, mentorship, certifications, and exposure to cutting-edge research.
  • Inclusive Culture: Join a team that values diverse thinking, critical research, openness, and continuous improvement.
  • Competitive Compensation: We offer a comprehensive benefits package, including healthcare, retirement plans, and more.

The salary range for this position is $115,000 - $140,000 per year. Final compensation will be determined based on several factors, including but not limited to skills, relevant experience, and work location. Please note this range reflects base salary and does not include incentive compensation or potential equity grants. We also offer a comprehensive and highly competitive benefits package.

Qualys is an Equal Opportunity Employer. Please see our EEO policy.