All interviews
Reddit logo

Reddit

Senior

Threat-model Reddit's AI/agentic products and turn findings into reusable security guardrails

This role sits in Reddit's Privacy and Assurance org securing AI-powered products: LLM integrations, agentic workflows, MCP servers, and internal AI tools. It is explicitly not an MLE role — the bar is application security judgment plus the builder instinct to turn one-off findings into scanners, guardrails, and platform controls.

Step into this interview

Free · a live voice mock calibrated to this exact role

Practice this interview

What this interview tests

  • Threat modeling LLM/agentic systems and MCP servers
  • AI-specific attack classes: prompt injection, jailbreaks, tool poisoning, data leakage
  • Building reusable security primitives (guardrails, scanners, policy checks, sandboxes)
  • Trust boundary analysis across inference/retrieval/tool-use/execution paths
  • Launch risk judgment and remediation sequencing
  • Communicating technical risk to engineers, PMs, and leadership

Common question themes

Threat model a hypothetical AI feature that uses MCP tools and retrieval

How would you detect and prevent prompt injection in an agentic workflow

Turning a one-off AI security finding into a scalable guardrail or scanner

Deciding whether to block a product launch over a security risk

Reasoning about trust boundaries: user input vs model context vs tool calls

Explaining AI security risk to a non-technical stakeholder

Prior application security fundamentals: code review, vulnerability triage

View the original posting

Related interviews