In short
As our Staff Engineer (AI Security), your mission is to define and implement the security strategy for AI agents, chatbots, LLM models, and agentic workflows developed internally or deployed through cloud-based platforms. You will secure AI from idea to production: covering development standards, model security, pre-deployment security checks, identity and access controls, logging, monitoring, alerting, and continuous testing. You will help the organization adopt AI safely by ensuring that every AI agent, chatbot, and LLM-based solution has clear ownership, a defined identity, appropriate permissions, proper monitoring, and security controls that match its risk.
Your Mission
A key part of your mission will be to protect the business from emerging AI-specific threats such as prompt injection, model misuse, model manipulation, excessive permissions, data leakage, insecure tool use, unauthorised agent actions, and misuse of externally facing AI services:
- You will establish the practical security controls needed to govern AI agents, chatbots, LLM models, and agentic workflows. This includes defining ownership, risk classification, approval processes, minimum security requirements, and maintaining visibility over agents, models, data access, identities, permissions, integrations, and exposure levels.
- You will partner with engineering, data, cloud, and product teams to embed security into AI delivery. This includes security reviews before deployment, threat modeling, model and prompt security checks, access reviews, data leakage testing, secure architecture guidance, and validation of high-risk components such as APIs, tools, memory, RAG, vector databases, and model-serving environments.
- You will build the operational security layer for AI systems already in production. This includes logging requirements, clear separation of human and agent activity, SOC/SIEM integration, alerting for elevated permissions or suspicious behavior, monitoring for model abuse and access drift, and continuous testing of externally facing agents against prompt injection, jailbreaks, data leakage, and other AI-specific attacks.
Image gallery
Your story
- You bring solid hands-on experience in AI security, with a strong understanding of how to secure AI agents, chatbots, LLM-based applications, model-serving environments, and agentic workflows in production. You have practical experience assessing AI-specific risks such as prompt injection, jailbreaks, data leakage, insecure tool use, excessive agency, model misuse, model extraction, insecure output handling, and abuse of externally facing AI systems.
- You are a senior individual contributor who can operate independently, set direction, and turn emerging AI security risks into practical controls, patterns, and engineering requirements. You have strong experience across application security, cloud security, identity and access management, secure software delivery, APIs, secrets management, logging, monitoring, and security testing.
- You are comfortable partnering directly with engineering, data, ML, cloud, IAM, SOC, and product teams to embed security into the AI lifecycle from design through production. Experience with AI red teaming, adversarial testing, SIEM detection use cases, incident response, MLOps/DevSecOps, OWASP LLM Top 10, MITRE ATLAS, NIST AI RMF, or similar AI security frameworks would be a strong advantage.
About the Team
As a leading running brand, On’s technology division operates in a dynamic, fast-paced environment and plays a critical role in enabling innovation across the business. As AI adoption accelerates and to enable this safety and at scale, we are creating a dedicated senior AI Security role within the Information Security team to shape how we securely design, deploy, and operate AI agents, chatbots, LLM-based applications, and agentic workflows across local and cloud environments. You will protect the company’s AI ecosystem by defining practical security controls, embedding security into AI delivery, and ensuring AI systems are monitored, tested, and operated safely. Working closely with Engineering, Data, Product, Cloud, IAM, and Cyber Defence, you will focus on LLM model security, agent identity and permissions, pre-deployment security checks, AI-specific monitoring and alerting, and continuous testing of externally facing agents against prompt injection, jailbreaks, data leakage, and other emerging AI threats.
About the Team video
What we offer
On is a place that is centered around growth and progress. We offer an environment designed to give people the tools to develop holistically – to stay active, to learn, explore and innovate. Our distinctive approach combines a supportive, team-oriented atmosphere, with access to personal self-care for both physical and mental well-being, so each person is led by purpose.
On is an Equal Opportunity Employer. We are committed to creating a work environment that is fair and inclusive, where all decisions related to recruitment, advancement, and retention are free of discrimination.
What to expect
We want to set everyone up for success, so here’s the lowdown on how we hire. Our process is a two-way street – bringing you into our culture, while helping us learn how you think.
Our full process can last about eight weeks from application to offer, because we care about getting it right. These steps explain how we usually do things.
Before you get started, feel free to consider if you want to work with us. Strange question? Well, we give people a lot of space to navigate their day-to-day and that style isn't for everyone. We want you to be passionate about what you do and be sure this is the right fit. Because when skills and passion combine – it creates that 'Wow' moment.