AppSec Jobs

Scale AI

Strategic Projects Lead, Red Team

San Francisco, CA; New York, NY

Full details on LinkedIn

The complete job description, requirements, and application details are available on the original posting.


About Scale AI

Scale AI is a data infrastructure company that specializes in providing high-quality training data and technologies for AI model development and deployment. Founded in 2016 by Alexandr Wang and Lucy Guo, Scale AI has grown from a data annotation startup into a comprehensive "data foundry" that serves enterprises, governments, and AI labs across various industries. The company offers a range of services, including human-powered data labeling and annotation, Reinforcement Learning from Human Feedback (RLHF) technology, and end-to-end machine learning lifecycle management solutions. Scale AI also develops specialized AI agents and provides full-stack data and technology solutions for building and overseeing AI applications. With a focus on delivering correctly labeled datasets, Scale AI aims to enhance the effectiveness of machine learning models. Scale AI has established partnerships with leading organizations such as Meta, Microsoft, and OpenAI, and has achieved significant financial milestones, including projected revenues of $2 billion in 2025 and a valuation exceeding $29 billion.

Industry

information technology & services

Employees

900

931 engineers

Revenue

$870M


Security at Scale AI

Compiled from public job postings, careers pages, and company materials. Data may not reflect current state — verify during interviews.

3 Intel Signals

Security Philosophy

Scale AI's AppSec mission is to treat security as foundational, integrating it deeply into their company culture and product development lifecycle, and to protect their customers' data. They conduct in-depth code reviews to identify and remediate security vulnerabilities and guide engineering teams to build robust long-term solutions that consider security and privacy. Their risk philosophy involves providing access to their latest security compliance certifications and reports via their Trust Center, including SOC 2 Type II. They also provide a way to report vulnerabilities. Explicit statements describing AppSec as 'developer-first' or 'gatekeeping', or a public statement of a risk-tolerance threshold or formal risk prioritization framework are not publicly available.

Security Team

Alex Levinson is the Chief Information Security Officer at Scale AI. He has stated, 'we've started building out our Security Operations team at Scale AI.' The explicit reporting line for AppSec and whether it is centralized or embedded is not publicly available. The team size estimate is also not publicly available. As of, there is 1 active AppSec job posting for a 'Security Engineer, Product Security' and a stale listing for 'Security Engineer, Detection & Incident Response'. Common skill patterns from job postings include 'Proficiency in NodeJS, TypeScript, Python, and/or Kubernetes,' the ability to 'Perform Static Application Security Testing (SAST) and Dynamic Application Security Testing (DAST),' and to 'Utilize terraform orchestration.' A consolidated public list showing the entire AppSec team's headcount or org chart is not publicly available.

Key Initiatives

Scale AI has no public evidence of a Security Champions Program. For 'Shift Left' practices, they 'Conduct in-depth code reviews to identify and remediate security vulnerabilities' and 'Implement and maintain CI/CD pipelines with a strong focus on security.' Their vulnerability management process includes an intake method, offered under the prompt 'Need to report a vulnerability?'. However, explicit public SLAs, MTTR targets, or Jira/ticketing ownership statements related to vulnerability triage and remediation are not publicly available. For Secure SDLC Artifacts, they 'Evaluate and enhance the security of our product offerings, through RFC and service review.' Explicit public statements requiring threat modeling for specific services or describing annual pen test cadence are not publicly available. No explicit, dated public announcements describing new AppSec-specific programs, tool rollouts, or policy changes in the last six months beyond job postings and the company security/trust pages are publicly available.
