Senior AI Cyber Security Engineer

Company Overview ImmunityBio, Inc. (

NASDAQ:

IBRX) is a commercial-stage biotechnology company developing cell and immunotherapy products that are designed to help strengthen each patient's natural immune system, potentially enabling it to outsmart the disease and eliminate cancerous or infected cells. We envision a day when we no longer fear cancer, but can conquer it, thanks to the biological wonder that is the human immune system. Our scientists are working to develop novel therapies that harness that inherent power by amplifying both branches of the immune system, attacking cancerous or infected cells today while building immunological memory for tomorrow.

The goal:

to reprogram the patient's immune system and treat the host rather than just the disease. Why ImmunityBio?

• ImmunityBio is developing cutting-edge technology with the goal to transform the lives of patients with cancer and develop next-generation therapies and vaccines that complement, harness and amplify the immune system to defeat cancers and infectious diseases.
• Opportunity to join a publicly traded biopharmaceutical company with headquarters in Southern California.
• Work with a collaborative team with the ability to work across different areas of the company.
• Ability to join a growing company with professional development opportunities.

Position Summary The Senior AI Cybersecurity Engineer is responsible for securing AI/ML systems end‑to‑end: from data pipelines and model training to deployment, monitoring, and abuse prevention. This role combines deep security engineering expertise with practical experience building or protecting machine learning and generative AI workloads. You will partner with data science, platform, product, and security teams to design secure architectures for AI services, conduct threat modeling for AI/ML use cases, detect and respond to AI‑driven and AI‑targeting attacks, and help define secure development and governance practices for AI across the organization. Essential Functions Design and implement security controls for AI/ML platforms, including model training environments, inference services, data pipelines, and feature stores. Conduct threat modeling for AI systems, including model theft, data poisoning, prompt injection, model inversion, and abuse/misuse scenarios. Build and maintain security tooling and automation to detect and prevent AI specific attacks (e.g., adversarial inputs, prompt injection chains, anomalous usage patterns). Collaborate with data scientists and ML engineers to integrate security into the AI development lifecycle (secure coding, model validation, testing and red teaming for AI behaviors). Evaluate and harden integrations with third party AI providers (LLM APIs, vector databases, orchestration frameworks, agents), including authentication, authorization, data handling, and logging. Collaborate with cloud/platform teams to ensure AI infrastructure (Kubernetes, GPU clusters, model registries, CI/CD) follows security best practices and compliance requirements. Define and implement monitoring for AI systems, including abuse detection, drift and anomaly alerts, model access patterns, and security relevant telemetry. Partner with incident response teams on investigations involving AI systems, including analyzing logs, traffic, model behavior, and potential data/model compromise. Contribute to policies, standards, and guardrails for responsible and secure use of AI internally (e.g., data classification rules for training inputs and prompts, allowed use cases, evaluation requirements). Provide technical guidance and mentorship to other engineers on AI security concepts, threats, and secure design patterns. Stay current on emerging AI threats, vulnerabilities, frameworks, and regulatory trends, and translate them into practical recommendations for the organization. Create, edit and adhere to Standard Operating Procedures (SOPs), process improvements, and standardization of templates. Performs ad-hoc and cross-functional duties and/or projects as assigned to support business needs and provide developmental opportunities. Education & Experience Bachelor's Degree with 8+ years of relevant experience is required; OR High school Diploma or equivalent with at least 12 + years of relevant experience is required. 5+ years of hands-on security engineering experience (application, product, cloud, or infrastructure), including designing and implementing security controls in production environments is required. Practical experience with AI/ML systems (e.g., working with ML pipelines, LLM applications, vector search, or MLOps platforms), whether as a security engineer or as an engineer collaborating closely with ML teams is required. Experience implementing authentication/authorization, secrets management, network segmentation, and secure CI/CD for services and APIs is required. Experience securing LLM and generative AI applications (e.g., RAG architectures, AI agents, chatbots, code assistants) is preferred. Experience with security logging/observability stacks (SIEM, data lakes, security analytics) and building detections for AI‑related threats is preferred. Relevant certifications e.g., cloud security, offensive security, or AI‑focused credentials is preferred. Knowledge, Skills, & Abilities Strong understanding of modern cloud platforms (AWS, Azure, or GCP) and container/orchestration technologies (Docker, Kubernetes) as they apply to AI workloads. Solid knowledge of common AI/ML threat scenarios: data poisoning, model theft/exfiltration, adversarial examples, model inversion, prompt injection, jailbreaks, and abuse/misuse of generative models. Proficiency in at least one major programming language used in security and ML ecosystems (Python preferred; Go, Java, or similar also valuable). Strong background in secure software development practices, code review, and security design reviews. Ability to communicate complex technical risk and tradeoffs clearly to both technical and non-technical stakeholders. Hands‑on work with ML stacks such as PyTorch, TensorFlow, scikit‑learn, or ML platforms like SageMaker, Vertex AI, Azure ML, or on‑prem equivalents. Familiarity with AI security and safety frameworks or guidance (e.g., NIST

AI RMF, ISO/IEC AI

standards, major cloud provider AI security patterns). Background in red teaming or offensive security focused on applications, APIs, or AI systems. Working Environment / Physical Environment The position will work onsite. Regular work schedule is Monday - Friday, within standard business hours. Flexibility is available with manager approval. Must possess mobility to work in a standard office setting and to use standard office equipment, including a computer. Lift and carry materials weighing up to 20 pounds. This position is eligible for a discretionary bonus and equity award. The annual base pay range for this position is below. The specific rate will depend on the successful candidate's qualifications, prior experience as well as geographic location. $148,500 (entry-level qualifications) to $165,000 (highly experienced) annually The application window is anticipated to close on 60 days from when it is posted or sooner if the position is filled or closed. ImmunityBio employees are as valuable as the people we serve. We have built a resource of robust benefit offerings to best support the total wellbeing of our team members and their families. Our competitive total rewards benefits package, for eligible employees, include: Medical, Dental and Vision Plan Options

• Health and Financial Wellness Programs
• Employer Assistance Program (EAP)
• Company Paid and Voluntary Life/AD&D, Short-Term and Long-Term Disability
• Healthcare and Dependent Care Flexible Spending Accounts
• 401(k) Retirement Plan with Company Match
• 529 Education Savings Program
• Voluntary Legal Services, Identity Theft Protection, Pet Insurance and Employee Discounts, Rewards and Perks
• Paid Time Off (PTO) includes: 11 Holidays
• Exempt Employees are eligible for Unlimited PTO
• Non-Exempt Employees are eligible for 10 Vacation Days, 56 Hours of Health Pay, 2 Personal Days and 1 Cultural Day
• We are committed to providing you with the tools and resources you need to optimize your Health and Wellness.

At ImmunityBio, we are an equal opportunity employer dedicated to diversity in the workplace. Our policy is to provide equal employment opportunities to all qualified persons without regard to race, gender, color, disability, national origin, age, religion, union affiliation, sexual orientation, veteran status, citizenship, gender identity and/or expression, or other status protected by law. ImmunityBio is a leading registration-stage immuno-oncology and infectious disease company activating both the innate (natural killer cell and macrophage) and adaptive (T cell) immune system. We are developing molecular and product platforms including N-803, Aldoxorubicin, and a second-generation adenovirus vector, based upon our three key modalities of activating natural killer ('NK') and T cells, tumoricidal macrophages, and memory T cells. Please be aware of fraud or scams from individuals, organizations, and/or internet sites claiming to represent ImmunityBio in recruitment activities. We have an established recruitment process which is required for all posted positions by ImmunityBio prior to issuing an offer of employment. This ImmunityBio process requires formal interviews conducted live with personnel representing ImmunityBio and never requires payments or fees from job applicants. In the event that you receive a suspicious phone call, email or Linked InMail message about recruiting on behalf of ImmuntiyBio, unless it's from an authorized recruiting associate, do not provide any personal information and never pay any fees. Qualified and interested candidates should apply to current openings directly through this ImmunityBio website. ImmunityBio accepts no responsibility for costs or charges incurred as a result of fraudulent activity.