Staff Engineer, AI Security and Product Security

Your work will change lives. Including your own.

The Impact You’ll Make

• Define and lead product security strategy across web, mobile, API, cloud, infrastructure, and container security — conducting threat modeling, risk assessments, and security reviews throughout the development lifecycle with a strong shift-left focus.

• Embed secure development practices by designing and implementing secure coding standards, encryption, and security testing methodologies in close collaboration with development and ML teams, ensuring products are secure, resilient, and trustworthy.

• Own Enterprise AI Security end-to-end — from securing LLM integrations, agentic pipelines, and ML model ingestion to defending against AI-specific threats (prompt injection, data poisoning, model extraction, RAG poisoning, ), building AI incident response playbooks, and red-teaming AI systems across Recursion's product surfaces.

• Secure the AI supply chain and MLOps infrastructure by vetting third-party foundation models, open-source weights, and AI APIs before production integration, and partnering with ML engineering to protect training pipelines, feature stores, and model serving endpoints.

• Champion compliance and AI governance by operationalizing frameworks such as OWASP LLM Top 10, MITRE ATLAS, NIST AI RMF, and EU AI Act requirements — collaborating with legal, privacy, and responsible AI teams to support audits and evolving regulatory expectations.

• Scale security as a force multiplier by evaluating and deploying security tooling, detecting policy violations, driving security outcomes, and ensuring security initiatives never become a bottleneck to business objectives.

• Elevate the security culture across the organization by serving as a subject matter expert, mentoring engineering teams, and leading incident response efforts from investigation through mitigation and prevention.

• Maintain the security foundation through thorough documentation — including security requirements, guidelines, and incident response plans — and hands-on penetration testing and code reviews to simulate and get ahead of real-world threats.

The Team You'll Join

• You will join a growing Information Security team at Recursion, focused on enabling Recursion to decode biology by providing world class technology services that are designed and fit for purpose. You'll collaborate with your teammates and across departments to agree on what the most important challenges and capabilities are, then figure out how to get us there.

The Experience You'll Need

• Education & Tenure: Bachelor's or Master's degree in Computer Science, Information Security, or a related field, with 10+ years of experience in product security or application security and a proven track record securing complex products.

• Security Fundamentals: Deep understanding of security principles, threats, and countermeasures as they relate to product design and development, with familiarity across standards and frameworks including OWASP, NIST, ISO/IEC 27001, and CVSS-based vulnerability prioritization.

• Offensive Security & Penetration Testing: Hands-on proficiency with penetration testing frameworks and tools (Metasploit, Burp Suite, Nmap, Wireshark), web application attack techniques (SQL injection, XSS, CSRF, OWASP Top Ten), and the ability to simulate real-world attacks and assess their impact.

• Secure Development & Engineering: Expertise in one or more programming languages (e.g., Python, Java, C++) with strong command of secure coding practices, encryption standards, and integrating security tooling into CI/CD and development workflows.

• Enterprise AI Security: Demonstrated experience securing AI/ML systems and LLM-powered or agentic products in production — including familiarity with AI attack surfaces (prompt injection, data poisoning, model extraction, membership inference, RAG poisoning) and hands-on red-teaming of AI pipelines and agentic workflows.

• AI Frameworks & Supply Chain Risk: Working knowledge of AI security frameworks (OWASP LLM Top 10, MITRE ATLAS, NIST AI RMF, EU AI Act) and experience vetting third-party foundation models, open-source weights, and AI APIs as part of a structured supply chain security program.

• MLOps & Model Security: Familiarity with securing ML infrastructure — including training pipelines, experiment tracking, model registries, and inference endpoints — and designing least-privilege access controls for AI agents with external system or tool access.

• Leadership & Communication: Excellent communication and influencing skills, with the ability to drive security initiatives across engineering, legal, privacy, and executive stakeholders and mentor teams on security best practices.

• Certifications (Highly Desirable): CISSP, OSCP, or GWAPT for core security credentialing, plus AI-focused certifications such as GAISC, Offensive ML (OffSec), or cloud provider AI security tracks (AWS/GCP).

Working Location & Compensation:

Making SLC your home base is ideal, however, we will consider remote work for this position. We ask that remote employees commit to regular on-site visits for routine work and departmental events.

At Recursion, we believe that every employee should be compensated fairly. Based on the skill and level of experience required for this role, the estimated current annual base range for this role is $186,900 to $220,400 (USD). You will also be eligible for an annual bonus and equity compensation, as well as a comprehensive benefits package.

#LI-BO1

#LI-REMOTE

The Values We Hope You Share:

• We act boldly with integrity. We are unconstrained in our thinking, take calculated risks, and push boundaries, but never at the expense of ethics, science, or trust.

• We care deeply and engage directly. Caring means holding a deep sense of responsibility and respect - showing up, speaking honestly, and taking action.

• We learn actively and adapt rapidly. Progress comes from doing. We experiment, test, and refine, embracing iteration over perfection.

• We move with urgency because patients are waiting. Speed isn’t about rushing but about moving the needle every day.

• We take ownership and accountability. Through ownership and accountability, we enable trust and autonomy—leaders take accountability for decisive action, and teams own outcomes together.

• We are One Recursion. True cross-functional collaboration is about trust, clarity, humility, and impact. Through sharing, we can be greater than the sum of our individual capabilities.

Our values underpin the employee experience at Recursion. They are the character and personality of the company demonstrated through how we communicate, support one another, spend our time, make decisions, and celebrate collectively.

More About Recursion

Recursion (NASDAQ: RXRX) is a clinical-stage TechBio company decoding biology to radically improve lives. Recursion is advancing a portfolio of differentiated investigational medicines across its wholly owned and partnered pipeline in oncology, rare disease, neuroscience, immunology, and other therapeutic areas with significant unmet need. Enabling its mission is the Recursion OS, an AI-native, end-to-end drug discovery and development platform integrating biology, chemistry, and clinical development into a unified intelligence system. Powered by proprietary multimodal data, purpose-built AI models, and bilingual teams fluent in both science and AI, the Recursion OS is designed to translate complex science into medicines that matter — faster, better, and at scale — for patients who are waiting.

Recursion’s platform infrastructure is anchored in Salt Lake City, Utah and Milton Park, Oxfordshire, where its automated biology and chemistry laboratories generate proprietary data at industrial scale. Recursion also maintains offices in New York, Montréal, and London, three global hubs for talent and leadership at the intersection of AI and scientific innovation. Learn more at www.recursion.com, or connect on X and LinkedIn.

Recursion is an Equal Opportunity Employer.  All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, age, disability, veteran status, or any other characteristic protected under applicable federal, state, local, or provincial human rights legislation.

Accommodations are available on request for candidates taking part in all aspects of the selection process.

Recruitment & Staffing Agencies: Recursion Pharmaceuticals and its affiliate companies do not accept resumes from any source other than candidates. The submission of resumes by recruitment or staffing agencies to Recursion or its employees is strictly prohibited unless contacted directly by Recursion’s internal Talent Acquisition team. Any resume submitted by an agency in the absence of a signed agreement will automatically become the property of Recursion, and Recursion will not owe any referral or other fees. Our team will communicate directly with candidates who are not represented by an agent or intermediary unless otherwise agreed to prior to interviewing for the job.