Senior Application Security Engineer, AI & Product Security
Job Location:
Job Location:
Seattle, OR - USA
Monthly Salary:
Not Disclosed
Monthly Salary:
Posted on:
25 days ago
Posted on:
Vacancies:
1 Vacancy
Vacancies:
Job Summary
ABOUT ARTERA
Our Mission: Make healthcare #1 in customer service.
What We Deliver: Artera is an agentic company strengthening how healthcare providers communicate and care for patients. As an agentic partner we bring over a decade of healthcare experience to address urgent workflows from day one and build custom solutions as healthcare providers needs evolve. Trusted by 1000 specialties FQHCs health systems and federal agencies Artera strengthens and protects and enhances patient relationships across every interaction - from intake and scheduling to referral management post-visit care and more.
Our award-winning culture:Our award-winning culture: Since founding in 2015 Artera has consistently been recognized for its innovative technology business growth and named a top place to work. Examples of these accolades include: Inc. 5000 Fastest Growing Private Companies (); Deloitte Technology Fast 500 (); Built In Best Companies to Work For ( 2026). Artera has also been recognized by Forbes as one of Americas Best Startup Employers Newsweek as one of the Worlds Best Digital Health Companies and named one of the top 44 Startups to Bet your Career on in 2024 by Business Insider.
Applicants must be currently authorized and have the ability to provide proof of full-time long-term authorization to work in the United States. We are unable to provide visa sponsorship or support visa transfers now or in the future.
ABOUT THE OPPORTUNITY
Artera is seeking a hands-on Application Security Engineer to work alongside our AI builders and Systems Engineers to threat-model agentic and LLM-powered features harden PHI/PII-handling workflows and ship the paved road tooling (secure SDLC guardrails prompt/agent-identity patterns SAST/DAST/SCA in CI/CD) that keeps innovation fast and safe.
This is a frontier role. Youll be operating where AI security is still being defined translating policy into code building guardrails for agent identity and prompt/output filtering and giving our team the logging scanning and safe tool-use patterns. Artera Security finds the secure path and ships it with our AI Builders and System Engineers.
This role is based in our Seattle WA -person collaboration is intentional youll be working shoulder-to-shoulder with our AI builders Systems Engineers and security leadership as we build Arteras Seattle tech hub.
This role supports federal-facing systems and contributes to enterprise security functions. Candidates must meet eligibility for a government background check and follow strict data protection access control and incident response protocols. Familiarity with regulatory frameworks is expected. Ongoing compliance training and evidence-based documentation may be required.
Responsibilities
- AI Threat Modeling: Threat-model agentic and LLM-powered features end-to-end: data ingress/egress agent identity tool-use boundaries and the unique risks that come with frontier AI work
- Paved Road Tooling: Build the secure SDLC paved road secure SDLC guardrails prompt/agent identity patterns secrets management PHI/PII redaction patterns
- Security Gates: Embed SAST DAST SCA and infrastructure scanning into CI/CD so security gates are part of the pipeline not an afterthought
- AI Monitoring Strategy: Identify and pilot an AI monitoring tool to fill the gap our current tooling (Zscaler) doesnt cover
- Policy -> Practice: Translate existing security policy into safe tool-use patterns for the Artera Primitives team Systems Engineers and other AI Builder squads
- Cross Functional Partnership: Partner cross-functionally with DevOps Systems Engineering and the AI builder teams meeting AI Builders and engineers in the middle and finding the secure path forward not the no path
- Security Ownership: Own AWS identity and access management patterns secrets management and security tooling decisions in our AWS environment. Collaborate with System Engineers / DevOps on implementation.
- Security Framework Application: Apply frameworks like MITRE ATT&CK MITRE ATLAS OWASP Top 10 and OWASP LLM Top 10 to architectural decisions.
Requirements
- AppSec Tenure: 610 years in Application Security with a hands-on engineering orientation
- LLM & Agent Security: Demonstrable experience with LLM and agent security OWASP LLM Top 10 MITRE ATLAS prompt/output filtering agent identity and tool-use risk
- Threat Modeling Expertise: Youve built end-to-end threat models for production platforms and translated them into corrective controls
- Pipeline Scanning Tools: SAST DAST and infrastructure scanning tools in production CI/CD environments
- Shift-Left Security Experience: Taking policy codifying it as infrastructure-as-code (Terraform) and gating CI/CD pipelines on security findings
- Cloud Depth: Significant AWS experience (GCP or Azure background acceptable; AWS is learnable but cloud depth is required)
- Regulated Environment Experience: Background in regulated environments healthcare (HIPAA/HITRUST) federal (FedRAMP) or fintech (PCI)
- Collaborative Communicator: Strong cross-functional communicator;able to partner with engineers and AI builders find the secure path together.
Bonus
- Agentic AI Modeling: Direct experience threat modeling agentic AI systems (rare but if you have it youre the cherry on top)
- Agentic Platform Exposure: AWS Agent Core MCP or similar agent-platform exposure
- Growth Stage AI Experience: Experience at a growth-stage company (50500 people) that has already adopted agentic AI
- Fintech to Agentic Path: Background in fintech transitioning into agentic systems (a common path into this kind of work today)
- AI Monitoring Tool Ownership: Past ownership of an AI monitoring tool rollout or evaluation
$146000 - $175000 a year
The compensation for this role will be based on level of experience and the geographic tier in which you are located. This position also comes with equity and a variety of benefits.
OUR APPROACH TO WORK LOCATION
At Artera we believe the best work happens when people are truly connected. Our AI services model has shown whats possible when small focused teams move fast together the speed of collaboration pace of career growth and quality of what we build can become stronger when teams share space. As we grow we want every new teammate to feel part of an in-person community from day one.
Thats why we are focusing our U.S. hiring in three cities where we are investing in offices and building strong local teams:
- Santa Barbara CA (Our HQ)
- Seattle WA
- Kansas City KS/MO
Unless a roles posting states otherwise new U.S. roles are based in one of these three cities and candidates should reside in (or be willing to relocate to) one of these areas. Each location follows an in-person schedule that reflects how our local teams work best; well walk you through what to expect for your specific role and city during the interview process.
Focusing on offices and hiring in a few locations rather than spreading thin across many cities lets us invest deeply in each one so every team has real community mentorship and momentum in person.
WORKING AT ARTERA
Company benefits- Full health benefits (medical dental and vision) flexible spending accounts company paid life insurance company paid short-term & long-term disability company equity voluntary benefits 401(k) and more!
Career development - Manager development resources employee development funds
Generous time off- Company holidays Winter & Summer break and flexible time off
Employee Resource Groups (ERGs)- We believe that everyone should belong at their workplace. Our ERGs are available for identifying employees or allies to join.
EQUAL EMPLOYMENT OPPORTUNITY (EEO) STATEMENT
Artera is an Equal Opportunity Employer and is committed to fair and equitable hiring practices. All hiring decisions at Artera are based on strategic business needs job requirements and individual qualifications. All candidates are considered without regard to race color religion gender sexual orientation gender identity national origin age disability genetics protected veteran status or any other protected status.
In compliance with federal law all persons hired will be required to verify identity and eligibility to work in the United States and to complete the required employment eligibility verification form upon hire.
Artera is committed to providing employees with a work environment free of discrimination and harassment; Artera will not tolerate discrimination or harassment of any kind. Artera provides reasonable accommodations for applicants and employees in compliance with state and federal laws. If you need an accommodation please reach out to emailprotected.
DATA PRIVACY
Artera values your privacy. By submitting your application you consent to the processing of your personal information provided in conjunction with your application. For more information please refer to our.
SECURITY REQUIREMENTS
All employees are responsible for protecting the confidentiality integrity and availability of the organizations systems and data including safeguarding Arteras sensitive information such as Personal identifiable Information (PII) and Protected Health Information (PHI). Those with specific security or privacy responsibilities must ensure compliance with organizational policies regulatory requirements and applicable standards and frameworks by implementing safeguards monitoring for threats reporting incidents and addressing data handling risks or breaches.
We may use artificial intelligence (AI) tools to support parts of the hiring process such as reviewing applications analyzing resumes or assessing responses. These tools assist our recruitment team but do not replace human judgment. Final hiring decisions are ultimately made by humans. If you would like more information about how your data is processed please contact us.
Required Experience:
Senior IC
About Company
Streamline care, automate workflows, and improve access with a secure patient communication platform built for federal healthcare—powered by Artera Harmony.
