Senior AI Security Engineer

Wilson Sonsini is the premier legal advisor to technology, life sciences, and other growth enterprises worldwide. We represent companies at every stage of development, from entrepreneurial start-ups to multibillion-dollar global corporations, as well as the venture firms, private equity firms, and investment banks that finance and advise them. The firm has approximately 1,100 attorneys in 17 offices: 13 in the U.S., two in China, and two in Europe. Our broad spectrum of practices and entrepreneurial spirit allow exceptional opportunities for professional achievement and career growth. Wilson Sonsini is looking for a Senior AI Security Engineer to join the Security Operations team. The Senior AI Security Engineer, under the direction of the Director, Security Engineering and Operations, sits at the frontier of AI infrastructure and enterprise security — a rare opportunity to architect how one of the world's leading law firms builds and deploys AI systems with security and trust at their core. This role is designed for someone who understands how models are attacked and how to harden them, and who is energized by the challenge of securing AI-native workflows in a legal environment. You will own the firm's AI security engineering function: designing secure AI pipelines, evaluating MCP server integrations and agentic architectures, and serving as the technical authority for AI security across the firm's growing ecosystem of AI-powered tools and platforms. This position is available as a fully virtual opportunity.

Essential Duties and Responsibilities:

Collaborate on designing secure-by-default patterns for LLM integration, agentic workflows, retrieval-augmented generation (RAG) pipelines, and MCP server deployments across firm systems Lead security architecture reviews for MCP (Model Context Protocol) integrations — evaluating tool definitions, server trust boundaries, prompt injection attack surfaces, and tool call authorization models before any MCP server is connected to firm data or workflows Build and operate AI threat modeling and red teaming capabilities — developing adversarial test suites for prompt injection, jailbreaking, data exfiltration via LLMs, model inversion, and supply chain attacks on AI/ML dependencies Engineer secure data pipelines for AI systems — implementing data loss prevention controls, confidentiality boundaries, and least-privilege access patterns for LLMs interacting with firm data Partner with IT, Information Security, and practice group leaders to evaluate and approve AI vendor integrations Develop and maintain security standards and engineering guardrails for AI development across the firm — including secure coding practices for AI-adjacent code, model output validation, hallucination detection controls, and audit logging for AI-assisted attorney workflows Perform related duties as assigned by supervisor Maintain compliance with all company policies and procedures Education and/or

Work Experience Requirements:

Bachelor's degree in Computer Science, cybersecurity, or a related technical field required 5+ years of experience in application security, cloud security, or AI/ML engineering, with at least 2 years focused on AI system security — building, breaking, or hardening LLM-based or agentic AI systems in production environments Hands-on familiarity with the Model Context Protocol (MCP) — including how MCP servers are structured, how tool definitions are exposed to models, how to audit MCP server codebases for injection vulnerabilities, and how to implement secure MCP deployment patterns in enterprise environments Demonstrated experience with AI threat modeling — including

OWASP LLM

Top 10, adversarial ML attack techniques (prompt injection, jailbreaking, data poisoning, model extraction), and practical mitigations that work in production rather than just in theory Solid command of cloud security fundamentals (AWS, Azure, or GCP) as applied to AI workloads — including secure API gateway configuration, secrets management for model API keys, network isolation for AI inference endpoints, and identity-aware proxy patterns for LLM access control Experience securing agentic AI systems — understanding how multi-step reasoning pipelines, tool-using agents, and autonomous AI workflows introduce novel attack surfaces, and how to implement guardrails, human-in-the-loop controls, and scoped permissions that prevent runaway or adversarially manipulated agents Experience in a law firm is a plus — more important is the ability to communicate complex AI security concepts clearly to non-technical stakeholders, including attorneys and firm leadership who need to make informed decisions without a security background Relevant certifications (OSCP, GREM, Azure Security Engineer, or similar) are valued; more important is demonstrated hands-on work — a strong GitHub profile, original research, or CTF wins speaks louder than credentials alone Intellectual curiosity and a builder's mindset — this role is for someone who gets energized by the pace of AI development and who stays current not just by reading about AI security but by experimenting with models, tools, and attack techniques firsthand Comfortable working in a fast-moving environment where the AI landscape shifts faster than any governance framework can keep up — able to make sound risk judgments under ambiguity and bring stakeholders along with you Self-directed and resourceful — able to build a program from the ground up, prioritize intelligently across competing demands, and drive work to completion without waiting to be told exactly how The primary location for this job posting is in Palo Alto, but other locations may be listed. The actual base pay offered will depend upon a variety of factors, including but not limited to the selected candidate's qualifications, years of relevant experience, level of education, professional certifications and licenses, and work location. The anticipated pay range for this position is as follows:

Palo Alto, New York, San Francisco:

$163,200 - $220,800 per year. Austin, Boston, Boulder, Century City, Delaware, Los Angeles, Salt Lake City, San Diego, Seattle, Washington, D.C., and all other locations: $147,050 - $198,950 per year. The compensation for this position may include a discretionary year-end merit bonus based on performance. We offer a highly competitive salary and benefits package. Benefits information can be found here. Equal Opportunity Employer (EOE). careers.wsgr.com Wilson Sonsini is the premier legal advisor to technology, life sciences, and growth enterprises worldwide, as well as the venture firms, private equity firms, and investment banks that finance them. We represent more than 300 public enterprises and 3,000 private companies in a wide range of today's cutting-edge industries, from AI and fintech to life sciences and mobility. For more than 60 years, our attorneys and professional staff have created a unique working environment. With deep roots in the fast-paced and innovative world of Silicon Valley, the firm fosters an entrepreneurial spirit and team-oriented approach for all employees, providing professional and personal development opportunities and encouraging all departments to promote a stable and optimal work/life balance. Wilson Sonsini is committed to creating a diverse and inclusive workforce globally. We have built a culture in which employees of all backgrounds, viewpoints, and experiences are encouraged and empowered to achieve their maximum potential. Our firm is consistently recognized among the top law firms in annual diversity rankings. For example, Wilson Sonsini ranked No. 2 among firms with more than 601 attorneys in Law360's 2025 Diversity Snapshot. Additionally, in 2025, for the seventh consecutive year, Wilson Sonsini achieved Mansfield Plus Certification, and in 2026, for the sixth consecutive year, the firm achieved a top score of 100 on the Human Rights Campaign Foundation's Corporate Equality Index. We are also dedicated to enhancing the communities in which we live and work by providing legal services, financial support, and volunteer services to worthy agencies and individuals in need. In 2025, Wilson Sonsini attorneys and staff provided more than 80,500 pro bono hours, participated in 125 community service projects, and raised over $130,000 for charitable organizations and causes. In addition, the Wilson Sonsini Foundation contributed more than $2.35 million to 112 law-related organizations and 129 community organizations in 2025. Wilson Sonsini has 17 offices in 16 technology and business hubs worldwide. Austin, TX Boston, MA Boulder, CO Brussels, Belgium Century City, CA Hong Kong London Los Angeles, CA New York, NY Palo Alto, CA Salt Lake City, UT San Diego, CA San Francisco, CA Seattle, WA Shanghai (China) Washington, D.C. Wilmington, DE