Senior Application Security Engineer AI & Product Security

Artera

Senior Application Security Engineer AI & Product Security

Posted Yesterday

Easy Apply

Be an Early Applicant

Seattle WA USA

Hybrid

146K-175K Annually

Senior level

Healthtech • Other • Sales • Software • Analytics • Conversational AI

Artera delivers a platform-level patient communications solution that integrates across a health system’s tech stack.

The Role

The Senior Application Security Engineer oversees application security works on AI threat modeling and collaborates with engineers to enhance security infrastructure and compliance with regulations.

Summary Generated by Built In

ABOUT ARTERA

Our Mission: Make healthcare #1 in customer service.

What We Deliver: Artera a SaaS leader in digital health transforms patient experience with AI-powered virtual agents (voice and text) for every step of the patient journey. Trusted by 1000+ provider organizations — including specialty groups FQHCs large IDNs and federal agencies — engaging 100 million patients annually. Artera’s virtual agents support front desk staff to improve patient access including self-scheduling intake forms billing and more. Whether augmenting a team or unleashing a fully autonomous digital workforce Artera offers multiple virtual agent options to meet healthcare organizations where they are in their AI journey. Artera helps support 2B communications in 109 languages across voice text and web. A decade of healthcare expertise powered by AI.

Our Impact: Trusted by 1000+ provider organizations — including specialty groups FQHCs large IDNs and federal agencies — engaging 100 million patients annually. Hear from our CEO Guillaume de Zwirek about why we are standing at the edge of the biggest technological shift in healthcare’s history!

Our award-winning culture: Our award-winning culture: Since founding in 2015 Artera has consistently been recognized for its innovative technology business growth and named a top place to work. Examples of these accolades include: Inc. 5000 Fastest Growing Private Companies (2020 2021 2022 2023 2024); Deloitte Technology Fast 500 (2021 2022 2023 2024 2025); Built In Best Companies to Work For (2021 2022 2023 2024 2025 2026). Artera has also been recognized by Forbes as one of “America’s Best Startup Employers” Newsweek as one of the “World’s Best Digital Health Companies” and named one of the top “44 Startups to Bet your Career on in 2024” by Business Insider.

Applicants must be currently authorized and have the ability to provide proof of full-time long-term authorization to work in the United States. We are unable to provide visa sponsorship or support visa transfers now or in the future.

ABOUT THE OPPORTUNITY

Artera is seeking a hands-on Senior Application Security Engineer AI & Product Security to work alongside our AI builders and Systems Engineers to threat-model agentic and LLM-powered features harden PHI/PII-handling workflows and ship the "paved road" tooling (secure SDLC guardrails prompt/agent-identity patterns SAST/DAST/SCA in CI/CD) that keeps innovation fast and safe.

This is a frontier role. You'll be operating where AI security is still being defined — translating policy into code building guardrails for agent identity and prompt/output filtering and giving our team the logging scanning and safe tool-use patterns. Artera Security finds the secure path and ships it with our AI Builders and System Engineers.

This role is based in our Seattle WA office. In-person collaboration is intentional – you'll be working shoulder-to-shoulder with our AI builders Systems Engineers and security leadership as we build Artera's Seattle tech hub.

This role supports federal-facing systems and contributes to enterprise security functions. Candidates must meet eligibility for a government background check and follow strict data protection access control and incident response protocols. Familiarity with regulatory frameworks is expected. Ongoing compliance training and evidence-based documentation may be required.

Responsibilities

AI Threat Modeling: Threat-model agentic and LLM-powered features end-to-end: data ingress/egress agent identity tool-use boundaries and the unique risks that come with frontier AI work
Paved Road Tooling: Build the secure SDLC paved road — secure SDLC guardrails prompt/agent identity patterns secrets management PHI/PII redaction patterns
Security Gates: Embed SAST DAST SCA and infrastructure scanning into CI/CD so security gates are part of the pipeline not an afterthought
AI Monitoring Strategy: Identify and pilot an AI monitoring tool to fill the gap our current tooling (Zscaler) doesn't cover
Policy -> Practice: Translate existing security policy into safe tool-use patterns for the Artera Primitives team Systems Engineers and other AI Builder squads
Cross Functional Partnership: Partner cross-functionally with DevOps Systems Engineering and the AI builder teams — meeting AI Builders and engineers in the middle and finding the secure path forward not the "no" path
Security Ownership: Own AWS identity and access management patterns secrets management and security tooling decisions in our AWS environment. Collaborate with System Engineers / DevOps on implementation.
Security Framework Application: Apply frameworks like MITRE ATT&CK MITRE ATLAS OWASP Top 10 and OWASP LLM Top 10 to architectural decisions.

Requirements

AppSec Tenure: 6–10 years in Application Security with a hands-on engineering orientation
LLM & Agent Security: Demonstrable experience with LLM and agent security — OWASP LLM Top 10 MITRE ATLAS prompt/output filtering agent identity and tool-use risk
Threat Modeling Expertise: You’ve built end-to-end threat models for production platforms and translated them into corrective controls
Pipeline Scanning Tools: SAST DAST and infrastructure scanning tools in production CI/CD environments
Shift-Left Security Experience: Taking policy codifying it as infrastructure-as-code (Terraform) and gating CI/CD pipelines on security findings
Cloud Depth: Significant AWS experience (GCP or Azure background acceptable; AWS is learnable but cloud depth is required)
Regulated Environment Experience: Background in regulated environments — healthcare (HIPAA/HITRUST) federal (FedRAMP) or fintech (PCI)
Collaborative Communicator: Strong cross-functional communicator;able to partner with engineers and AI builders find the secure path together.

Bonus

Agentic AI Modeling: Direct experience threat modeling agentic AI systems (rare — but if you have it you're the cherry on top)
Agentic Platform Exposure: AWS Agent Core MCP or similar agent-platform exposure
Growth Stage AI Experience: Experience at a growth-stage company (~50–500 people) that has already adopted agentic AI
Fintech to Agentic Path: Background in fintech transitioning into agentic systems (a common path into this kind of work today)
AI Monitoring Tool Ownership: Past ownership of an AI monitoring tool rollout or evaluation

OUR APPROACH TO WORK LOCATION

Artera has hybrid office locations in Santa Barbara CA and Philadelphia (Wayne) PA where team members typically come in three days a week. Specific frequency can vary depending on your team's needs manager expectations and/or role responsibilities.

In addition to our U.S. office locations we are intentionally building geographically concentrated teams in several key metropolitan areas which we call our “Hiring Hubs.” We are currently hiring remote candidates located within the following hiring hubs:

- Boston Metro Area MA

- Chicago Metro Area IL

- Denver Metro Area CO

- Kansas City Metro Area (KS/MO)

- Los Angeles Metro Area CA

- San Francisco / Bay Area CA

- Seattle Metro Area WA

This hub-based model helps us cultivate strong local connections and team cohesion even in a distributed environment.

To be eligible for employment at Artera candidates must reside in one of our hybrid office cities or one of the designated hiring hubs. Specific roles may call out location preferences when relevant.

As our hubs grow we may establish local offices to further enhance in-person connection and collaboration. While there are no current plans in place should an office open in your area we anticipate implementing a hybrid model. Any future attendance expectations would be developed thoughtfully considering factors like typical commute times and access to public transit to ensure they are fair and practical for the local team.

WORKING AT ARTERA

Company benefits - Full health benefits (medical dental and vision) flexible spending accounts company paid life insurance company paid short-term & long-term disability company equity voluntary benefits 401(k) and more!

Career development - Manager development cohorts employee development funds

Generous time off - Company holidays Winter & Summer break and flexible time off

Employee Resource Groups (ERGs) - We believe that everyone should belong at their workplace. Our ERGs are available for identifying employees or allies to join.

EQUAL EMPLOYMENT OPPORTUNITY (EEO) STATEMENT

Artera is an Equal Opportunity Employer and is committed to fair and equitable hiring practices. All hiring decisions at Artera are based on strategic business needs job requirements and individual qualifications. All candidates are considered without regard to race color religion gender sexual orientation gender identity national origin age disability genetics protected veteran status or any other protected status.

In compliance with federal law all persons hired will be required to verify identity and eligibility to work in the United States and to complete the required employment eligibility verification form upon hire.

Artera is committed to providing employees with a work environment free of discrimination and harassment; Artera will not tolerate discrimination or harassment of any kind. Artera provides reasonable accommodations for applicants and employees in compliance with state and federal laws. If you need an accommodation please reach out to [email protected].

DATA PRIVACY

Artera values your privacy. By submitting your application you consent to the processing of your personal information provided in conjunction with your application. For more information please refer to our Privacy Policy.

SECURITY REQUIREMENTS

All employees are responsible for protecting the confidentiality integrity and availability of the organization’s systems and data including safeguarding Artera’s sensitive information such as Personal identifiable Information (PII) and Protected Health Information (PHI). Those with specific security or privacy responsibilities must ensure compliance with organizational policies regulatory requirements and applicable standards and frameworks by implementing safeguards monitoring for threats reporting incidents and addressing data handling risks or breaches.

Skills Required

6-10 years in Application Security
Experience with LLM and agent security
Built end-to-end threat models for production platforms
Experience with SAST DAST and infrastructure scanning tools
Experience in regulated environments (healthcare fintech)
Strong cross-functional communication skills

What the Team is Saying

Artera Compensation & Benefits Highlights

Healthcare Strength—Health coverage includes multiple medical plan options with $0 in‑network mental‑health visit co‑pays alongside dental vision and family‑planning support. This breadth signals strong access and depth in core healthcare benefits.
Parental & Family Support—Paid parental leave for all parents post‑arrival meal support childcare reimbursement during return‑to‑work and a stated fertility credit indicate comprehensive family support. These elements cover both leave and practical transition needs.
Leave & Time Off Breadth—Flexible non‑accrual PTO and a paid sabbatical every five years provide meaningful time away from work. Company‑wide closures and sick time further expand recharge opportunities.

Learn more about Artera's Compensation & Benefits →

Artera Insights

What's It Like to Work at Artera? Artera Culture & Values Artera Career Growth & Development What's the Work-Life Balance Like at Artera? Artera Leadership & Management Artera Company Growth Stability & Outlook

View all jobs at Artera

View Artera Profile

Report Job

Am I A Good Fit?

beta

Get Personalized Job Insights.

Our AI-powered fit analysis compares your resume with a job listing so you know if your skills & experience align.

The Company

HQ: Santa Barbara CA

250 Employees

Year Founded: 2015

What We Do

Artera a SaaS leader in digital health transforms patient experience with AI-powered virtual agents (voice and text) for every step of the patient journey. Trusted by 1000+ provider organizations — including specialty groups FQHCs large IDNs and federal agencies — engaging 100 million patients annually. Artera’s virtual agents support front desk staff to improve patient access including self-scheduling intake forms billing and more. Whether augmenting a team or unleashing a fully autonomous digital workforce Artera offers multiple virtual agent options to meet healthcare organizations where they are in their AI journey. Artera helps support 2B communications in 109 languages across voice text and web. A decade of healthcare expertise powered by AI. For more information visit www.artera.io.

Why Work With Us

At Artera you’ll work alongside a team of talented hard-working people who are driven to improve healthcare. You will be challenged with complex projects and meaningful work – making your success at Artera all the more meaningful.

Gallery

Artera Offices

Learn More

Hybrid Workspace

Employees engage in a combination of remote and on-site work.

Our Santa Barbara HQ Philadelphia and Budapest offices are currently hybrid. We also hire in LA-area SF/Bay Area Boston Chicago Denver Seattle and Kansas City areas. We do not currently have offices there but are looking to that in the future

Typical time on-site: Not Specified