AI-Application Security Engineer Job Listing at Stifel in Saint Louis, MO (Job ID 9336)

Description

The AI-Application Security Engineer is responsible for implementing and scaling technical security controls and security processes across internally developed applications and AI-enabled systems. This role partners directly with engineering teams to embed security into the software development and AI lifecycles, and, in partnership with the AI-Application Security Architect, contributes to detailed technical design and operationalizes security architecture, standards, and secure-by-design practices. This engineer operates with moderate autonomy, leads security initiatives end-to-end, and contributes to the evolution of application and AI security capabilities. The role requires strong hands-on technical depth in secure software development, application security testing, vulnerability management, and emerging AI security risks, including prompt injection, model abuse, insecure integrations, and data leakage. 

• In partnership with the AI-Application Security Architect, contribute to detailed technical design and operationalize security architecture, standards, and approved security patterns across application and AI-enabled systems. 
• Partner directly with engineering teams to embed security controls and secure-by-design practices into the software development lifecycle and AI lifecycle. 
• Evaluate, test, and perform technical validation of AI and application security tools, including AI red teaming, AI and MCP gateways, DAST, SAST, SCA, API security, and mobile application security capabilities. 
• Implement, integrate, tune, and scale security tooling across application and AI environments, including runtime monitoring, governance controls, testing platforms, and posture management capabilities, with a focus on coverage, signal quality, and operational effectiveness. 
• Leverage AI and automation to scale security operations, vulnerability management, and developer enablement through technologies such as Python, AWS services, and CI/CD pipelines. 
• Triage, validate, and prioritize vulnerabilities identified through application and AI security tools, assess risk in business and technical context, and partner with engineering teams to drive timely remediation. 
• Provide hands-on guidance to developers, including low-code and no-code users, on secure development practices, platform-specific risks, secure integration patterns, and remediation approaches. 
• Support the security review and risk assessment of AI platforms, models, agents, skills, MCPs, and third-party integrations by applying defined controls, documenting risk decisions, and helping establish scalable onboarding and governance practices. 
• Develop, maintain, and improve secure coding standards, implementation guidance, guardrails, and technical documentation for both application and AI use cases. 
• Stay current on emerging cybersecurity threats, particularly in AI security, and incorporate relevant mitigations into security tooling, engineering practices, and control design. 
• Contribute to a strong security engineering culture by mentoring junior engineers, sharing technical knowledge, and helping mature application and AI security practices across the organization. 

• Understanding of application and AI security principles, methods, and technologies, including AI-specific risks such as prompt injection, model abuse, insecure agentic integrations, and data leakage. 
• Strong analytical and problem-solving skills with the ability to identify and mitigate security risks across both traditional application and AI-enabled systems. 
• Strong verbal and written communication and collaborative skills. 
• Ability to effectively communicate technical topics to technical and non-technical audiences. 
• Ability to prioritize workload and consistently meet deadlines. 
• Security architecture, threat modeling, secure design. 
• Strong analytical and problem-solving skills. 

• Minimum Required: Bachelor's degree in Computer Science, Information Systems, Cybersecurity, Computer Engineering, Software Engineering, or a related combination of education and experience. 
• Minimum Required: 2+ years of information security or software development experience. 

• Preferred: CISSP, CSSLP, GIAC or similar. 

• Preferred: C#, Angular, Python programming experience. 
• Preferred: Experience in cloud platforms, AWS, Github. 
• Experience with application security tooling; SAST, DAST, SCA, API, Mobile, Red Team. 
• Experience with AI tools (AI Coding assistants, Skills, MCPs, Agents). 

#LI-LL1

Stifel is more than 130 years old and still thinking like a start-up.  We are a global wealth management and investment banking firm serious about innovation and fresh ideas.  Built on a simple premise of safeguarding our clients' money as if it were our own, coined by our namesake, Herman Stifel, our success is intimately tied to our commitment to helping families, companies, and municipalities find their own success.

While our headquarters is in St. Louis, we have offices in New York, San Francisco, Baltimore, London, Frankfurt, Toronto, and more than 400 other locations.  Stifel is home to approximately 9,000 individuals who are currently building their careers as financial advisors, research analysts, project managers, marketing specialists, developers, bankers, operations associates, among hundreds more.  Let's talk about how you can find your place here at Stifel, where success meets success.

At Stifel we offer an entrepreneurial environment, comprehensive benefits package to include health, dental and vision care, 401k, wellness initiatives, life insurance, and paid time off.

Stifel is an Equal Opportunity Employer.