AI Security & Control Engineer in London

We are building Watcher, a coding agent security product. We are looking for a security & control expert to help us design better threat models and control protocols against AI adversaries, and improve the effectiveness and security of Watcher. A security & control expert embedded in the product team with three functions:

• Research: Supporting Apollo's monitoring research with threat modeling, attack design, red‑team and trajectory analysis (~50%)
• Expert view: Bring a security expert’s view of what security buyers need to make Watcher a better product (~25%)
• Product security: Improve the security posture of Watcher and Apollo's product infrastructure (~25%)

This is truly a “start‑up role” in the sense that you have many responsibilities and have significant say in shaping the direction of the role. This is an individual contributor role but could lead to management responsibilities eventually, if desired.

KEY RESPONSIBILITIES

• Security support for research (50%)
• Threat modeling for coding agents: Develop threat models for coding agents under the assumption that they could be misaligned or compromised. This includes near‑term threats like AI agents leaking private internal data and long‑term threats like agents sabotaging safety research.
• Failure mode library and literature: Maintain our library of coding agent failure modes and keep it comprehensive, accurate, and current.
• Attack design for monitor development: Design realistic attack trajectories and example exploits for monitor development and backtesting.
• Trajectory adjudication: Serve as security adjudicator for flagged trajectories.
• Red‑teaming Watcher: Red‑team and improve Watcher's monitors and policies, document findings, and feed them into product improvement.
• Security expertise for product (25%)
• Failure mode prioritization and CISO perspective: Understand which failure modes are the biggest problems and prioritise systematically what is most useful to solve for security buyers.
• Customer engagement and landscape awareness: Join customer/prospect calls to understand security needs firsthand.
• Customer‑facing security artifacts: Own security questionnaire responses, product security whitepapers, and support for customer pen‑tests.
• Improving security posture for product (25%)
• Attack surface, infrastructure, and isolation: Own AppSec standards for the product engineering team.
• Data handling and multi‑tenancy: Define security requirements for tenant isolation, encryption at rest/in transit, access controls, and data retention policies.
• Product threat model and incident response: Co‑own the product‑specific threat model with the product team lead.

REPRESENTATIVE PROJECTS

• Develop a comprehensive coding agent threat model.
• Improve our database of failure modes.
• Prioritize failure modes that Watcher should cover.
• Design a security roadmap for keeping customer data for Watcher secure.

JOB REQUIREMENTS

Must‑haves:

• 5+ years in security roles in a hands‑on technical capacity.
• Engineering mindset: You treat security as an engineering problem.
• Direct experience with application security, cloud security, or product security.
• Strong understanding of enterprise security buyer concerns.
• Comfortable working in a small, fast‑moving team.
• Strong written communication.

Strong nice‑to‑haves:

• Experience with AI/ML systems security.
• Detection engineering, SOC, or incident analysis experience.
• Familiarity with insider threat programmes or insider risk frameworks.
• Experience in a security vendor or security product company.
• Red‑teaming or offensive security background.

Explicitly not required:

• Management experience.
• Specific certifications (CISSP, etc.).

BENEFITS

This role offers market competitive salary, equity, and competitive benefits. Salary: 135k - 200k GBP (~180k - 270k USD). Flexible work hours and schedule. Unlimited vacation. Unlimited sick leave. Up to 6 months of paid parental leave. Comprehensive health, dental and vision insurance. Retirement savings with competitive employer matching. Lunch, dinner, and snacks are provided for all employees on workdays. Paid work trips, including staff retreats, business trips, and relevant conferences. A yearly $1,000 (USD) professional development budget. Relocation support and visa fees (if applicable).

LOGISTICS

Time Allocation: Full‑time. Location: This is an in‑person role working out of our London or San Francisco office. We offer flexible working hours and some WFH arrangements. Visa sponsorship: We sponsor visas in both the UK and US.

ABOUT THE TEAM

The Product / Control team is a new team. You will work closely with various team members and interact with other SWEs and researchers.

ABOUT APOLLO RESEARCH

At Apollo Research, we’re primarily concerned with risks from Loss of Control. We work on the detection of scheming, the science of scheming, and scheming mitigations. We aim for a culture that emphasises truth‑seeking, being goal‑oriented, giving and receiving constructive feedback, and being friendly and helpful.

Equality Statement: Apollo Research is an Equal Opportunity Employer. We value diversity and are committed to providing equal opportunities to all.