Sr. Staff Vulnerability & AI Security Engineer (Hybrid)

Sr. Staff Vulnerability & AI Security Engineer (Hybrid-San Jose,CA)

Job Overview

We are seeking a Sr. Staff Vulnerability & AI Security Engineer to architect and lead Archer’s enterprise vulnerability management strategy while establishing technical, secure guardrails for AI adoption. Reporting directly to the CISO, you will serve as a technical principal and "player-coach," owning the end-to-end vulnerability lifecycle across cloud, endpoints, applications, and identity.

This is a high-influence, high-execution role. You will move between high-level strategy and deep-dive engineering, partnering with teams to drive measurable risk reduction through automation, rigorous prioritization, and disciplined remediation. You will operationalize modern approaches such as attack surface management and AI-assisted detection while ensuring our security posture meets the high bar of aerospace compliance (NIST SP 800-171, CMMC, ITAR).

Key Responsibilities

• Architect Enterprise Strategy: Design and own the end-to-end vulnerability management architecture—from discovery and coverage to automated validation and executive reporting.

• Risk-Based Prioritization: Establish a sophisticated prioritization model that integrates asset criticality, threat intelligence, and exploitability to ensure engineering teams focus on the "critical few" over the "noisy many."

• Technical AI Governance: Lead the technical implementation of AI security; design and deploy guardrails for GenAI usage, detect "Shadow AI," and build technical controls to prevent IP leakage into public LLMs.

• Attack Surface Engineering: Partner with Cloud and Infrastructure teams to integrate CNAPP/CSPM findings and build automated workflows that reduce configuration-driven exposure in AWS/Azure.

• Shift-Left Leadership: Drive DevSecOps excellence by embedding SAST/DAST/SCA and secrets scanning into CI/CD pipelines, preventing vulnerabilities from reaching production.

• Metrics & Storytelling: Define and operationalize technical KPIs (MTTR, risk burn-down, coverage) that translate raw technical data into business risk for executive leadership.

• Tactical Response: Lead high-severity vulnerability response efforts, providing technical validation, containment strategies, and verification of remediation.

• Technical Mentorship: Act as a "multiplier" by setting engineering standards, mentoring security analysts, and leading cross-functional remediation initiatives through technical influence rather than just authority.

Required Qualifications

• 8+ years of security engineering experience with a heavy focus on vulnerability management, AppSec, or cloud security.

• Staff-Level Influence: Proven track record of leading complex, enterprise-wide security programs and driving technical change across diverse engineering organizations.

• Cloud Depth: Strong hands-on experience in AWS, GCP, or Azure, specifically regarding identity, secure configuration, and automated telemetry.

• Tooling Mastery: Deep expertise in the modern security stack (SAST/DAST/SCA, scanners, and automated ticketing workflows).

• Regulatory Fluency: Practical understanding of how vulnerability evidence supports compliance in regulated environments (NIST SP 800-171, CMMC Level 2, ITAR).

• Communication: Exceptional ability to translate a complex CVE into a business risk narrative for non-technical stakeholders.

Preferred Qualifications

• AI Security Practitioner: Experience implementing technical enforcement (not just policy) for AI usage and data leakage prevention.

• Automation Specialist: Experience building automated triage and enrichment workflows to reduce "security friction" for developers.

• Aerospace/Defense Background: Prior experience in high-stakes, auditable environments where "checkbox security" isn't an option.

What changed?

• Shifted the Tone: Removed "Head of" language in favor of terms like "Technical Principal," "Architect," and "High-influence individual contributor."

• Focused on "The How": Instead of just "managing a program," the focus is now on "designing and deploying" the architecture of that program.

• Influence vs. Authority: Emphasized the ability to drive change through technical merit and cross-functional partnership, which is the hallmark of a Staff-level engineer

Please note that this job description is intended to provide a general overview of the position and does not include an exhaustive list of responsibilities and qualifications

At Archer, we aim to attract, retain, and motivate talent with the skills and leadership needed to grow our business. We drive a pay-for-performance culture and reward performance that supports the Company’s strategy. For this position, we are targeting a base pay range of $182,500 - $240,900. Actual compensation offered will be determined by job-related knowledge, skills, and experience.

Archer is proud to be an Equal Opportunity employer committed to diversity and inclusivity in the workplace. All aspects of employment are decided on the basis of merit, qualifications, and business needs. We do not discriminate based upon race, color, religion, sex, sexual orientation, age, national origin, disability status, protected veteran status, gender identity or any other characteristic protected by federal, state or local laws.

Archer is committed to working with and providing reasonable accommodations to job applicants with physical or mental disabilities, and those with sincerely held religious beliefs. Applicants who may require reasonable accommodation for any part of the application or hiring process should provide their name and contact information to Archer’s People Team at [email protected]. Reasonable accommodations will be determined on a case-by-case basis.