Senior Application Security Developer , AI Security

Position Overview

Our team of security experts helps Autodesk design, build, deploy, and maintain secure products. We embed security across the full software development lifecycle—from inception and design to development, testing, and cloud operations while proactively addressing emerging threats. Our mission is to stay ahead of adversaries and protect our customers’ data and investments by strengthening applications, services, and infrastructure.

As a Senior Application Security Developer (AI Security Focus), you will secure AI-enabled applications across Autodesk, with a primary focus on LLM-powered features, agent-based systems, and AI-assisted development workflows. You will partner closely with product and engineering teams to identify and mitigate real-world risks such as prompt injection, data leakage, and unsafe tool usage, while embedding scalable security practices into the development lifecycle.

This role is hands-on and cross-functional, with opportunities to influence multiple teams and shape Autodesk’s AI security practices.

Responsibilities  

• Lead security assessments of AI-enabled applications, including LLM-integrated systems, agents, and copilots, with a focus on real-world abuse scenarios and adversarial behavior

• Define and implement secure-by-default patterns for AI-assisted development, including guidance for tools such as Cursor, Claude, and other IDE-integrated copilots

• Partner with engineering teams to shift security left, embedding AI security controls into design, development, and code review processes

• Develop and maintain secure coding guidelines for AI systems, including safe prompt construction, output handling, data protection, and model interaction boundaries

• Evaluate and improve runtime security controls for AI systems, including guardrails, input/output validation, policy enforcement, and monitoring for anomalous behavior

• Integrate AI security testing into CI/CD pipelines, enabling continuous validation of LLM-related risks alongside traditional application security testing

• Collaborate with platform and infrastructure teams to implement controls such as policy engines, API gateways, and runtime protections for AI workloads

• Provide developer education and enablement on AI security risks, secure usage of coding assistants, and emerging threat patterns

• Track, prioritize, and report on AI-specific vulnerabilities and trends to continuously improve Autodesk’s AI security posture

Minimum Qualifications

• 5+ years of experience in application security, product security, or related fields

• Strong understanding of OWASP Top 10 and application/API security fundamentals (auth, authz, data protection)

• Experience with secure development practices (threat modeling, design reviews, code reviews, shift-left security)

• Hands-on experience securing modern applications, with exposure to or strong interest in AI/LLM systems

• Experience identifying and mitigating vulnerabilities such as injection, data leakage, insecure deserialization, and access control issues

• Familiarity with DevSecOps practices and integrating security into CI/CD pipelines

• Proficiency in scripting or programming (Python, JavaScript, or Go)

• Strong analytical and problem-solving skills

• Ability to communicate complex security risks clearly to engineering teams

Preferred Qualifications

• Familiarity with OWASP LLM Top 10 and AI-specific risks (prompt injection, model misuse, unsafe tool invocation)

• Experience working with LLM-powered applications, copilots, or agent-based systems

• Knowledge of AI security controls such as guardrails, prompt validation, and model monitoring

• Experience with security testing approaches such as red teaming or adversarial testing

• Familiarity with cloud-native environments (AWS, Azure, GCP)

• Experience building security guidelines, frameworks, or developer training materials