Senior Cybersecurity Engineer – Governance, Risk & Compliance
General Motors
Cyber SecurityServiceNow
Principal AI Security Engineer
BetterUp
full-time
Posted on:
Location Type: Hybrid
Location: Austin • Texas • 🇺🇸 United States
Visit company websiteSalary
💰 $232,000 - $366,000 per year
Job Level
Lead
Tech Stack
CloudDistributed SystemsMicroservices
About the role
- Translate emerging regulatory frameworks (e.g., ISO 42001, SOC2, OWASP ASVS) and customer assurance requirements into actionable engineering enhancements.
- Define and guide the secure design and implementation of features across web, mobile, and AI-powered services, ensuring security is embedded early in the product lifecycle.
- Scale and lead the bug bounty and vulnerability disclosure programs, partnering with researchers and triage teams to drive rapid remediation and learning loops.
- Partner with AI/ML teams to assess, mitigate, and monitor risks unique to GenAI and AI/ML model integration, including prompt injection, data leakage, and model manipulation.
- Provide deep expertise in secure coding practices, threat modeling, design reviews, and static/dynamic analysis to Engineering teams delivering core user-facing functionality.
- Serve as a security SME for AI-centric features, helping teams align with AI governance, privacy, and ethical use frameworks.
- Work closely with internal teams (Product Managers, Engineering Leads, and Platform teams) as well as external partners to ensure alignment of security goals with product roadmaps.
- Serve as a bridge between security, compliance, and engineering—translating external regulatory and customer drivers into technical security requirements.
- Actively influence product development timelines and risk prioritization through strategic participation in design, architecture, and sprint planning forums.
- Lead application-level security architecture reviews and define secure patterns for authentication, authorization, data protection, and API security.
- Evaluate new technologies and services for security risks and support secure vendor selection and integration.
- Contribute to and help evolve BetterUp’s secure development lifecycle and product security engineering standards.
Requirements
- 8+ years of experience in application and product security roles within cloud-native and SaaS environments, with a strong emphasis on securing AI/ML systems, models, and data pipelines.
- Proven success delivering security enhancements with SOC2, NIST, OWASP, CIS Benchmarks; with a huge plus with ISO 42001
- Hands-on experience with SAST/DAST tooling, threat modeling, secure code review, and vulnerability management pipelines.
- Experience collaborating with internal stakeholders (including the product, engineering and go-to-market teams) as well as external partners to ensure alignment of security goals with product roadmaps.
- Demonstrated ability to influence engineering teams and drive secure design decisions without formal authority.
- Strong understanding of secure development practices for distributed systems, microservices, APIs, and data pipelines.
- Bonus: experience supporting or operating bug bounty or coordinated vulnerability disclosure programs.
Benefits
- Access to BetterUp coaching; one for you and one for a friend or family member
- A competitive compensation plan with opportunity for advancement
- Medical, dental, and vision insurance
- Flexible paid time off
- All federal/statutory holidays observed
- 4 BetterUp Inner Workdays (https://www.betterup.co/inner-work)
- 5 Volunteer Days to give back
- Learning and Development stipend
- Company wide Summer & Winter breaks
- Year-round charitable contribution of your choice on behalf of BetterUp
- 401(k) self contribution
Applicant Tracking System Keywords
Tip: use these terms in your resume and cover letter to boost ATS matches.
Hard skills
secure coding practicesthreat modelingdesign reviewsstatic analysisdynamic analysisSAST toolingDAST toolingvulnerability managementAPI securitysecure development practices
Soft skills
influence engineering teamscollaborationcommunicationstrategic participationleadership
Certifications
SOC2NISTOWASPCIS BenchmarksISO 42001
