Millennium · 13 hours ago
Application Security AI Lead
New York, New York, United States of America
Full-time
Onsite
Senior Level, Lead/Staff
$175K/yr - $250K/yr
5+ years expMillennium is a leading firm focused on securing information and computer systems. The role of Application Security AI Lead involves managing a global team to implement AI security strategies, conduct risk assessments, and develop security programs to protect the enterprise from threats.
Asset ManagementFinanceFinancial ServicesHedge Funds
Responsibilities
Manage and mentor a global team of 3-5 Application/AI Security engineers
Define and implement security guardrails for Generative AI, LLMs, and Agentic frameworks, ensuring safe enterprise adoption
Conduct specialized threat modeling, red teaming, and risk assessments for AI/ML models (e.g., testing for prompt injection, model theft, and data poisoning)
Lead risk management activities, including application risk assessments, design reviews, and mitigation strategies for IT projects
Engage throughout the SDLC to identify vulnerabilities, conduct code reviews/penetration testing, and enforce secure coding standards
Evangelize AppSec and AI security best practices through developer education, training materials, and outreach
Design robust security architectures and integrate automated security testing (SAST/DAST/SCA) into CI/CD pipelines
Partner with Technology, Trading, Legal, and Compliance to create policies and communicate technical risks to non-technical stakeholders
Qualification
Required
Bachelor's degree or higher in Computer Science, Computer Engineering, IT Security or related field
5+ years' experience working as an Application Security Engineer, Software Engineer, or similar role
Deep understanding of AI-specific risks (OWASP Top 10 for LLMs) and experience securing applications utilizing LLMs
Experience working with AI models, Agentic frameworks and security risks associated with AI
Experience in managing global teams, doing presentations to senior development managers and leadership
Demonstrated work experience in hybrid on-premise and Public Cloud environments (AWS/GCP/Azure)
Strong understanding of security architectures, secure configuration principles/coding practices, cryptography fundamentals and encryption protocols
Experience with common SCM & CI/CD technologies like GitHub, Jenkins, Artifactory, etc. and integrating Security Scanning and Vulnerability Management into the CI/CD Pipelines
Familiarity with static and dynamic security analysis tools, and SCA/SBOM solutions
Hands on experience with Secrets Management & Password Vault technologies such as Delinea Secret Server and/or Hashicorp Vault, etc
Strong experience in secure programming in languages such as Python, Java, C++, C#, or similar
Familiarity with Infrastructure as Code tools (CloudFormation, Terraform, Ansible, etc.)
Familiarity with web application security testing tools and methodologies
Knowledge of various security frameworks and standards such as ISO 27001, NIST, OWASP, etc
Preferred
Knowledge of Linux, OS internals and containers is a plus
Certifications like CISSP, CISM, CompTIA Security+, or CEH are advantageous
Benefits
Discretionary performance bonus
Comprehensive benefits package
Company
Millennium
Millennium is a global, diversified alternative investment firm, founded in 1989, which manages $83.5 billion in assets.
5001-10000 employees
H1B Sponsorship
Millennium has a track record of offering H1B sponsorships. Please note that this does not
guarantee sponsorship for this specific role. Below presents additional info for your
reference. (Data Powered by US Department of Labor)
Distribution of Different Job Fields Receiving Sponsorship
Represents job field similar to this job
Trends of Total Sponsorships
2025 (264)
2024 (146)
2023 (156)
2022 (146)
2021 (73)
2020 (86)
Funding
Current Stage
Late StageLeadership Team
Israel Englander
Chairman and Chief Executive Officer
Ajay Nagpal
President and Chief Operating Officer
Recent News
2026-01-09
2025-12-26
2025-12-19
Company data provided by crunchbase