Job Location: Mexico
At Levi Strauss & Co, we are revolutionizing the apparel business and redefining the way denim is made. We are taking one of the world's most iconic brands into the next century: from creating machine learning-powered denim finishes to using block-chain for our factory workers' wellbeing, to building algorithms to better meet the needs of our consumers and optimize our supply chain.
About the Job
We are looking for an AI Workflow & Agent Software Engineer to design, build, and operate production-grade AI workflows and agentic systems that enhance LS&Co.’s cybersecurity capabilities. You will create reliable, observable, and secure AI services that orchestrate tools, data, and models to accelerate security investigations, automate repetitive tasks, improve analyst decision-making, and reduce time-to-detect and time-to-remediate without compromising security controls.
Key Cybersecurity Use Cases You’ll Enable
SOC workflows: alert enrichment, triage summaries, correlation across tools, and recommended next steps
Incident response automation: evidence collection, timeline building, containment playbooks, and post-incident reporting
Threat intel & hunting: ingestion/normalization, hypothesis-driven hunts, and IOC enrichment workflows
Vulnerability management: prioritization using asset context, exploitability signals, and remediation guidance
IAM and access reviews: anomaly detection support, access justification summaries, and workflow routing
Security knowledge assistant: grounded answers from policies, standards, runbooks, and past incidents (RAG)
Phishing and email security support: classification, enrichment, and response workflow automation
Responsibilities
Design and build AI agents and workflow orchestration services that support cybersecurity operations end-to-end
Integrate agents with security tooling (e.g., SIEM, SOAR, EDR, ticketing, CMDB, IAM, cloud security platforms) via APIs and secure tool interfaces
Build retrieval and knowledge components that ground outputs in LS&Co. security policies, runbooks, detections, and incident history
Implement robust guardrails to prevent unsafe actions (prompt injection resistance, least-privilege tool access, allowlisted actions, human-in-the-loop approvals)
Develop evaluation harnesses for security-focused agent behavior (accuracy, completeness, false positives/negatives, safe-action compliance)
Establish observability for AI workflows: tracing, audit logs, model/prompt versioning, and incident response runbooks for the AI system itself
Optimize performance and cost (model routing, caching, batching, token controls) while meeting SOC latency expectations
Partner with GSO leadership and stakeholders to define success metrics (MTTD/MTTR, analyst throughput, alert closure quality, automation rate)
Produce high-quality documentation (architecture, threat models, SOPs, runbooks) and contribute to reusable security automation patterns
Mentor and enable security engineers/analysts adopting AI workflows and best practices
About You
Hands-on experience building AI workflows and agents (tool-using, multi-step systems) in production
Strong understanding of agent patterns: tool calling/function calling, planning vs. reactive, routing, memory, RAG, and guardrails
Experience improving reliability: grounding, structured outputs, deterministic fallbacks, and safe failure modes
Ability to translate security problems into workflow steps, tool contracts, and measurable outcomes
Strong software development experience in Python and/or TypeScript (or similar modern languages)
Experience building APIs/services, background workers, and event-driven integrations
Strong testing discipline, including unit/integration tests and regression testing for prompts/workflows
Experience designing for production: scalability, latency, resilience, and cost controls
Experience with CI/CD and infrastructure-as-code
Familiarity with Docker/Kubernetes and secure secrets management
Experience with cloud platforms (AWS/GCP/Azure) and identity/networking fundamentals
Understanding of queues/pub-sub/event buses and integration patterns common in security automation
A strong moral compass, high integrity, and positive attitude are required to be a successful part of this team. Critical thinking is a major part of this role, and you will be expected to articulate your thought process on a regular basis. Confidence in your ability to quickly learn from and adapt to unfamiliar scenarios will be paramount to our success. You will be part of several highly collaborative multi-national cross functional teams which will push your interpersonal skills.
Like all members of the LS&Co. Technology organization, you will be an extended member of cross-functional product and engineering teams. You will be expected to provide expert input and execute highly complex tasks during high-visibility situations. You will need to maintain a strong knowledge of current AI capabilities, limitations, and best practices, as well as a dedicated and self-driven desire to research the evolving AI landscape. You will be expected to relentlessly seek to improve your knowledge and situational awareness of LS&Co. global business operations.
Demonstrate excellent communication skills, analytical abilities, sound judgment, and possess the ability to work effectively with internal team members, including engineering, product, design, data, legal, security, and business partners.
Most notable is the expectation of personal growth and embracing the well-known, “other duties as assigned.” We run a lean team here at LS&Co., which will give you a greater opportunity for exposure to a breadth of technologies and challenges you simply cannot encounter elsewhere.
Education and Experience
4-year degree in Computer Science, Software Engineering, or related field (or equivalent practical experience)
4+ years of professional software engineering experience building and operating production systems
2+ years building AI-powered applications (LLMs, RAG, workflow orchestration, or agentic systems) in production preferred
Cybersecurity engineering or security operations experience is strongly preferred