Principal AI Security Engineer, AI Native Platform

About the Team

The Information Security and Technology team is responsible for keeping Life360 safe — our systems, our employees, and the tens of millions of families who trust us with their location data. That obligation is the starting point. How we meet it is what makes this team different.

We are builders. Security controls that don't get used aren't controls. Compliance programs that create friction without reducing risk aren't programs. We build things that work in production, earn adoption from engineering teams, and get better over time — and we use AI to do it at a scale a traditional team couldn't.

We're also at an inflection point. Life360 is deploying agentic systems into how we build and operate, and the security and governance implications of that are still being worked out — by us, and by the industry. The threat surface is expanding. The compliance frameworks are catching up. The people on this team aren't waiting for either.

About the Job

We are hiring a Principal AI Security Engineer to secure Life360's AI infrastructure as it takes shape. You will sit within the AI Native Platform team, reporting directly to the CISO, working alongside the engineers designing and building each layer of the platform.

This role requires both architectural depth and hands-on execution, often in the same week. You will define the security architecture other engineers build within; the trust model, authorization framework, data boundary topology, and threat model. Guide the coherence of these patterns across the teams building model access, agent infrastructure, the knowledge layer, and the end-user platform to interoperate securely and drift doesn't introduce systemic risk. The patterns we are securing are still being defined. Part of the work is figuring out which approaches hold up under real conditions, which ones don't, and scaling what works.You won't be doing this alone, you'll work alongside additional security engineers and the broader team building the platform, with the expectation that this function grows as the platform does.

The data at stake has real weight. Life360's systems carry real-time location data and family relationship graphs for tens of millions of people. These are crown jewels in the truest sense — irreplaceable to the families who trust us with them. Securing the AI systems that interact with this data is not a compliance exercise. It is a core obligation of the product.

What You'll Do

• Own the security strategy for frontier model access and MCP governance. Define how we securely connect to frontier models and external tool integrations: the risk framework, the authorization architecture, and the escalation model before those patterns harden at scale. Set the direction that builders implement within
• Architect the identity and trust model for non-human agents. Define how agents authenticate, how trust is established and revoked across orchestration chains, and how the model evolves as agent capabilities expand, covering service identities, scoped credentials, and least-privilege access patterns across the platform.
• Set the adversarial defense posture for AI systems in production. Define our approach to prompt injection defense, adversarial input handling, and behavioral monitoring patterns and establish the detection philosophy, telemetry requirements, and response framework the team builds and operates within.
• Shape security architecture for the common AI end-user platform. Lead design reviews and build the access controls, data boundary enforcement, and abuse detection that keep a shared AI environment safe across an employee population with varying privilege levels.
• Secure the shared knowledge layer. Define access control and data governance for retrieval and reasoning, ensuring AI-powered tools don't inadvertently surface sensitive data to the wrong systems or users.
• Build AI supply chain integrity into the platform. Develop model provenance practices, service vetting, and dependency controls that keep the AI stack trustworthy as it grows.
• Partner with Privacy, Legal, and Data Platform to ensure the right controls are built into pipelines handling real-time location, family relationship data, and data involving minors.

What We're Looking For

• 15+ years in security engineering with depth in application security, cloud security, IAM, or detection. A track record of building controls that earn adoption, not just approval.
• Security architecture ownership you’ve defined at the platform level in terms of trust models, data boundary topologies, and long-term viability that produces security outcomes without grinding velocity.
• Hands-on fluency with LLM and agentic systems. You've built with these tools, broken them, and shipped fixes for prompt pipelines, RAG architectures, and multi-agent orchestration from the inside.
• Deep grounding in IAM for non-human systems: service identities, OAuth, secrets management, RBAC/ABAC, and least-privilege architecture at scale. You’ve designed and built identity systems, not just consumed them.
• Experience with production telemetry and detection at an architectural level. You’ve defined security observability strategies, not just individual detections.
• Comfort with ambiguity and in-flight builds. You're energized by figuring things out, writing first-draft standards, testing approaches, and scaling what works.
• Strategic judgement on when to build v. buy and ability to lead the organization to wise investments.