Senior AI Security Engineer

Wilson Sonsini is the premier legal advisor to technology, life sciences, and other growth enterprises worldwide. We represent companies at every stage of development, from entrepreneurial start-ups to multibillion-dollar global corporations, as well as the venture firms, private equity firms, and investment banks that finance and advise them. The firm has approximately 1,100 attorneys in 17 offices: 13 in the U.S., two in China, and two in Europe. Our broad spectrum of practices and entrepreneurial spirit allow exceptional opportunities for professional achievement and career growth.

Wilson Sonsini is looking for a Senior AI Security Engineer to join the Security Operations team. The Senior AI Security Engineer, under the direction of the Director, Security Engineering and Operations, sits at the frontier of AI infrastructure and enterprise security — a rare opportunity to architect how one of the world’s leading law firms builds and deploys AI systems with security and trust at their core. This role is designed for someone who understands how models are attacked and how to harden them, and who is energized by the challenge of securing AI-native workflows in a legal environment. You will own the firm’s AI security engineering function: designing secure AI pipelines, evaluating MCP server integrations and agentic architectures, and serving as the technical authority for AI security across the firm’s growing ecosystem of AI-powered tools and platforms.

This position is available as a fully virtual opportunity.

Essential Duties and Responsibilities:

• Collaborate on designing secure-by-default patterns for LLM integration, agentic workflows, retrieval-augmented generation (RAG) pipelines, and MCP server deployments across firm systems
• Lead security architecture reviews for MCP (Model Context Protocol) integrations — evaluating tool definitions, server trust boundaries, prompt injection attack surfaces, and tool call authorization models before any MCP server is connected to firm data or workflows
• Build and operate AI threat modeling and red teaming capabilities — developing adversarial test suites for prompt injection, jailbreaking, data exfiltration via LLMs, model inversion, and supply chain attacks on AI/ML dependencies
• Engineer secure data pipelines for AI systems — implementing data loss prevention controls, confidentiality boundaries, and least-privilege access patterns for LLMs interacting with firm data
• Partner with IT, Information Security, and practice group leaders to evaluate and approve AI vendor integrations
• Develop and maintain security standards and engineering guardrails for AI development across the firm — including secure coding practices for AI-adjacent code, model output validation, hallucination detection controls, and audit logging for AI-assisted attorney workflows
• Perform related duties as assigned by supervisor
• Maintain compliance with all company policies and procedures

Education and/or Work Experience Requirements:

• Bachelor’s degree in Computer Science, cybersecurity, or a related technical field required
• 5+ years of experience in application security, cloud security, or AI/ML engineering, with at least 2 years focused on AI system security — building, breaking, or hardening LLM-based or agentic AI systems in production environments
• Hands-on familiarity with the Model Context Protocol (MCP) — including how MCP servers are structured, how tool definitions are exposed to models, how to audit MCP server codebases for injection vulnerabilities, and how to implement secure MCP deployment patterns in enterprise environments
• Demonstrated experience with AI threat modeling — including OWASP LLM Top 10, adversarial ML attack techniques (prompt injection, jailbreaking, data poisoning, model extraction), and practical mitigations that work in production rather than just in theory
• Solid command of cloud security fundamentals (AWS, Azure, or GCP) as applied to AI workloads — including secure API gateway configuration, secrets management for model API keys, network isolation for AI inference endpoints, and identity-aware proxy patterns for LLM access control
• Experience securing agentic AI systems — understanding how multi-step reasoning pipelines, tool-using agents, and autonomous AI workflows introduce novel attack surfaces, and how to implement guardrails, human-in-the-loop controls, and scoped permissions that prevent runaway or adversarially manipulated agents
• Experience in a law firm is a plus — more important is the ability to communicate complex AI security concepts clearly to non-technical stakeholders, including attorneys and firm leadership who need to make informed decisions without a security background
• Relevant certifications (OSCP, GREM, Azure Security Engineer, or similar) are valued; more important is demonstrated hands-on work — a strong GitHub profile, original research, or CTF wins speaks louder than credentials alone
• Intellectual curiosity and a builder’s mindset — this role is for someone who gets energized by the pace of AI development and who stays current not just by reading about AI security but by experimenting with models, tools, and attack techniques firsthand
• Comfortable working in a fast-moving environment where the AI landscape shifts faster than any governance framework can keep up — able to make sound risk judgments under ambiguity and bring stakeholders along with you
• Self-directed and resourceful — able to build a program from the ground up, prioritize intelligently across competing demands, and drive work to completion without waiting to be told exactly how

The primary location for this job posting is in Palo Alto, but other locations may be listed. The actual base pay offered will depend upon a variety of factors, including but not limited to the selected candidate’s qualifications, years of relevant experience, level of education, professional certifications and licenses, and work location. The anticipated pay range for this position is as follows:

Palo Alto, New York, San Francisco: $163,200 - $220,800 per year. Austin, Boston, Boulder, Century City, Delaware, Los Angeles, Salt Lake City, San Diego, Seattle, Washington, D.C., and all other locations: $147,050 - $198,950 per year.

The compensation for this position may include a discretionary year-end merit bonus based on performance. We offer a highly competitive salary and benefits package.

Benefits information can be found here. Equal Opportunity Employer (EOE).