Search...

Senior Staff Security Engineer, AI

Ripple logo
Ripple

Ripple provides crypto and blockchain solutions for enterprises, enabling global financial entities to move, manage, and tokenize value. They focus on improving existing financial systems through partnerships and regulatory compliance, with products used in over 50 countries.

Distributed
About Ripple

Ripple is an enterprise blockchain and crypto solutions company that aims to enable the world to move value as seamlessly as information moves today. Their mission is to build breakthrough crypto solutions for a world without economic borders. Using blockchain technology, Ripple facilitates global financial institutions, businesses, governments, and developers to move, manage, and tokenize value, thereby unlocking greater economic opportunity. The company works within existing financial systems to improve them, partnering with customers to streamline infrastructure and collaborating with regulators to ensure solutions are secure and compliant. Ripple's products are in commercial use by hundreds of customers across more than 50 countries, helping them expand into new markets, access liquidity solutions, and generate crypto-enabled revenue streams. They also support developers by providing tools for building on the XRP Ledger, a fast and sustainable public blockchain. Ripple’s payments, custody and stablecoin solutions empower financial institutions to integrate blockchain and digital assets into their business in a simple, secure, compliant way—all in one place. From instant payments to asset tokenization, blockchain and crypto are happening right now, across the world. It’s happening to suppliers, to retailers, to exchanges, to currencies, to sectors, to industries, to markets, and to global businesses. And it’s happening with Ripple.

View jobs by Ripple

Skills

About the Role

You will be Ripple's deepest technical expert at the intersection of artificial intelligence and security. This purpose-built, high-impact individual contributor role spans securing AI systems that Ripple builds and operates, and harnessing AI to make Ripple's security function faster, smarter, and more scalable. You will lead the technical strategy for AI security across the agentic SDLC, define and operationalize guardrails for LLM and agentic AI adoption, and build AI-powered security tooling in close partnership with the broader organization. You will also shape Ripple's external posture on AI security, contributing to industry standards, regulatory discussions, and Ripple's published security practices.

Requirements

  • 10+ years of Security Engineering experience with demonstrated depth in at least two domains, such as Product Security, Cloud Security, or Security Operations, and meaningful hands-on exposure to AI or ML security in practice
  • Solid understanding of AI and LLM security concepts, including prompt injection, jailbreaks, data poisoning, model extraction, RAG manipulation, and agentic risks such as tool poisoning, excessive agency, and MCP server vulnerabilities
  • Experience securing agentic AI systems, including sandboxing, permission scoping, human-in-the-loop design, or runtime monitoring for autonomous workflows
  • Fluency with core Security Engineering domains including cloud security on AWS, GCP, or Azure, CI/CD pipeline security, container and Kubernetes security, IAM, and API security
  • Strong threat modeling instincts, whether using STRIDE, MITRE ATLAS, OWASP LLM Top 10, or your own approach
  • Experience in FinTech, crypto, or other highly regulated environments is a strong plus, ideally with exposure to frameworks like NYDFS, MAS, DORA, or SOC 2
  • Proven ability to work across teams, influence technical direction without direct authority, and bring structure to problems that span Engineering, Product, and Security
  • A genuine builder's mentality

Responsibilities

  • Drive the AI Security technical strategy and roadmap, defining how Ripple secures its AI systems, governs agentic workflows, and embeds security controls into the AI development lifecycle
  • Design and implement security controls for LLM-integrated and agentic AI systems, including sandboxing, identity and permission scoping, runtime monitoring, and containment of autonomous agent actions
  • Own AI security across the Controlled Agentic SDLC, establishing security guardrails, AI provenance standards, dual-review requirements, and audit trail controls
  • Lead the security review and risk assessment of all AI integrations entering production, including LLM APIs, SaaS copilots, AI code editors, agentic workflows, third-party MCP servers, and vendor-embedded AI
  • Build and scale Ripple's Shadow AI detection capability, surfacing unsanctioned AI usage and driving adoption of the AI acceptable use policy
  • Serve as Ripple's go-to technical resource on agentic AI risks, including MCP server security, tool poisoning, prompt injection, and excessive agency in multi-agent systems
  • Shape Ripple's external AI security posture, contributing to industry frameworks, engaging regulators, and publishing research

Benefits

  • A professional development budget to support other modes of learning
  • In-office collaboration flexibility, teams decide which 10+ days a month they come in
  • Bi-weekly all-company meeting
  • Team offsites, team bonding activities, happy hours
  • Competitive bonuses and equity
  • Competitive benefits that cover physical and mental healthcare, retirement, family forming, and family support
  • Employee giving match
  • Mobile phone stipend
  • R&R days
  • Generous wellness reimbursement and weekly onsite & virtual programming
  • Generous vacation policy
  • Industry-leading parental leave policies
  • Family planning benefits
  • Catered lunches, fully-stocked kitchens with premium snacks/beverages, and fun events