DraftKings Inc. is a technology company that is integrating AI into its operations to enhance customer experiences and streamline processes. They are seeking a Staff Security Engineer to ensure the secure deployment of emerging technologies, influencing the company's security posture and collaborating with various teams to build and deploy security tooling.
Responsibilities:
- Set the security standards and guardrails for the AI platform. Define the principles, reference architectures, and policy-as-code that all AI tooling at DraftKings adheres to, so that many teams can build agents and workflows while still meeting a consistent security bar. Focus on specifying the environment, infrastructure, and authentication methods agents rely on, rather than reviewing every individual implementation
- Review and build the architecture of AI gateways and tooling. Provide security review, sign-off, and possibly pair on implementation of these systems, and the systems that they interface with
- Make the security review process scale. Streamline how AI services move through InfoSec review on their way to production, so the bar stays high but does not become the bottleneck
- Reduce AI-driven security noise. Partner with platform and detection teams on telemetry (tool-call metrics, auditing agents over that data) and on lightweight controls like standardized system prompts that cut unnecessary investigations without slowing engineers down
- Drive remediation efforts of complex, cross-functional security issues. When relevant, you’ll be called into investigations to assist
- Coach and raise the bar. Mentor security and platform engineers, lead technical and SME discussions on AI security, and elevate the team's overall capability in this space
Requirements:
- 7+ years experience in engineering - building and operating systems in production
- 5+ years experience contributing and advising on security design
- Broad security fluency across infrastructure and enterprise security - endpoint protection, network security, identity, SaaS tools, and cloud security - even if your deepest expertise is in application and product security
- Deep hands-on ability to debug systems issues
- Experience writing high quality code in a typed and untyped programming language
- Excellent collaboration and communication skills — you can align engineering, platform, privacy, legal, and leadership stakeholders, and you bias toward enabling teams rather than blocking them
- Ability to manage competing priorities and thrive in a fast-paced, dynamic environment