Job Summary:
We are seeking a Senior Security AI Engineer to strengthen our cybersecurity posture across cloud, on-premises, and AI-enabled systems. This role is ideal for someone who combines deep technical security expertise with a forward-looking understanding of AI risks, governance, and secure deployment practices. You will design, implement, and maintain security controls that protect sensitive financial data, ensure regulatory compliance, and reduce enterprise risk in an evolving threat landscape.
Key Responsibilities
Security Architecture & Engineering
• Design, implement, and maintain security controls across cloud, on-premises, and hybrid environments.
• Lead threat modeling, secure design reviews, and architecture assessments for new and existing systems.
• Develop and maintain secure configurations, baselines, and hardening standards (OS, cloud, network, identity).
• Partner with DevOps and engineering teams to embed security into CI/CD pipelines.
AI Security & Governance
• Evaluate and secure AI/ML systems, including LLMs, model pipelines, and data flows.
• Implement controls for model access, data privacy, prompt injection prevention, model poisoning, and supply chain risks.
• Establish AI governance practices aligned with NIST AI RMF, ISO/IEC 42001, and emerging regulatory requirements.
• Assess third-party AI tools for security and compliance risks.
Threat Detection & Response
• Enhance detection capabilities across SIEM, EDR/XDR, cloud telemetry, and identity systems.
• Lead investigations into complex security incidents, including zero-day exploitation and advanced persistent threats.
• Develop playbooks, automation, and response workflows to reduce detection and response times.
Risk Management & Compliance
• Align security controls with frameworks such as NIST CSF, NIST 800-53, CIS Controls, ISO 27001, PCI DSS, and FFIEC.
• Conduct risk assessments, gap analyses, and control maturity evaluations.
• Support audits, regulatory reviews, and evidence collection.
Vulnerability & Attack Surface Management
• Lead vulnerability management, penetration testing coordination, and remediation prioritization.
• Implement and maintain CAASM/EASM tooling to identify shadow IT, unknown assets, and external exposures.
• Partner with infrastructure teams to ensure timely patching and configuration compliance.
Collaboration & Leadership
• Mentor junior engineers and guide cross-functional teams on secure engineering practices.
• Communicate risks and recommendations clearly to technical and non-technical stakeholders.
• Drive continuous improvement of security processes, tooling, and automation.
• Produce architecture patterns and policies, and provide strategic guidance to engineering and leadership.
Required Skills & Experience
Candidates must have proven experience in the following areas:
• AI threat modeling, model governance, and data protection.
• Securing MLOps/LLMOps pipelines and implementing guardrails and monitoring.
• Leading AI red teaming engagements and integrating AI telemetry into security operations.
• Ensuring compliance with privacy and regulatory requirements.
• Using automation and tooling to monitor, detect, and respond to AI threats at scale.
• Understanding how models are trained, fine-tuned, evaluated, and deployed.
• Interpreting evaluation metrics and reasoning about model drift.
• Knowledge of base vs. fine-tuned models, zero-shot and few-shot behavior, embeddings and similarity search, and supervised vs. reinforcement learning.
Required Qualifications
• 7+ years of experience in cybersecurity engineering, architecture, or related roles.
• Strong knowledge of cloud security (AWS, Azure, or GCP).
• Expertise in identity and access management, network security, encryption, and secure coding practices.
• Hands-on experience with SIEM, EDR/XDR, vulnerability scanners, and cloud-native security tools.
• Deep experience in security architecture, cloud platforms, data security, and AI/ML systems.
• Background in identity and access management, network segmentation, application security, API hardening, securing containers and Kubernetes clusters, and protecting secrets and access tokens.
• Strong communication skills, cross-functional leadership ability, and familiarity with AI Risk and Governance Frameworks.
• Familiarity with AI/ML systems and defenses against threats including prompt injection, data poisoning, model extraction, and adversarial attacks.
Preferred Qualifications
• Experience securing LLMs, vector databases, model APIs, and AI agents.
• Knowledge of NIST AI RMF, ISO/IEC 42001, EU AI Act, or similar AI governance frameworks.
• Certifications such as CISSP, CCSP, OSCP, GIAC, or cloud security certifications.
• Experience with IaC security (Terraform, CloudFormation), container security, and Kubernetes.
• Familiarity with zero trust architectures and identity-centric security models.
What We're Looking For
The ideal candidate is fluent in the architecture of AI systems — how data flows, what components are attack surfaces, and how to secure integration points. They ask the right questions to ensure a strong risk and defense posture and can translate complex technical risks into clear guidance for both engineering teams and executive leadership.