We are seeking a Senior Security AI Engineer to strengthen and advance enterprise cybersecurity capabilities across cloud, on-premises, hybrid, and AI-enabled environments. This role combines deep expertise in cybersecurity engineering with a strong understanding of AI/ML systems, AI governance, and secure deployment practices. The ideal candidate will design and implement security controls, secure AI-enabled technologies, enhance threat detection and response capabilities, and support regulatory compliance while reducing enterprise risk in an evolving threat landscape.
Key Responsibilities
Design, implement, and maintain security controls across cloud, on-premises, and hybrid environments.
Lead threat modeling exercises, secure design reviews, and architecture assessments for new and existing systems.
Develop and maintain secure configurations, hardening standards, and security baselines for operating systems, cloud platforms, networks, and identity systems.
Collaborate with DevOps and engineering teams to integrate security controls into CI/CD pipelines and software development processes.
Evaluate, secure, and monitor AI/ML systems, including large language models (LLMs), model pipelines, and supporting data flows.
Implement controls to mitigate AI-related risks, including prompt injection, model poisoning, model extraction, adversarial attacks, data privacy concerns, and supply chain vulnerabilities.
Establish and maintain AI governance practices aligned with industry frameworks and regulatory requirements.
Assess third-party AI tools and technologies for security, privacy, and compliance risks.
Enhance threat detection capabilities across SIEM, EDR/XDR, cloud security platforms, identity systems, and security telemetry sources.
Lead investigations of complex security incidents and coordinate response activities.
Develop security playbooks, automation workflows, and response procedures to improve detection and response effectiveness.
Conduct risk assessments, gap analyses, and security control maturity evaluations.
Support audits, compliance reviews, and regulatory assessments through documentation and evidence collection.
Lead vulnerability management initiatives, including remediation prioritization and penetration testing coordination.
Implement and maintain attack surface management capabilities to identify unmanaged assets, exposures, and security risks.
Collaborate with infrastructure and application teams to ensure timely remediation of vulnerabilities and configuration issues.
Mentor and provide guidance to junior security professionals and cross-functional teams.
Develop security architecture standards, policies, patterns, and best practices.
Communicate security risks, recommendations, and technical concepts effectively to technical and non-technical stakeholders.
Required Qualifications
7+ years of experience in cybersecurity engineering, security architecture, or related security roles.
Strong experience with cloud security technologies and architectures in AWS, Azure, and/or Google Cloud Platform (GCP).
Expertise in identity and access management, network security, encryption technologies, and secure software development practices.
Hands-on experience with SIEM, EDR/XDR platforms, vulnerability management tools, and cloud-native security solutions.
Deep understanding of security architecture, cloud platforms, data protection, and AI/ML security concepts.
Experience securing MLOps and LLMOps pipelines, implementing monitoring controls, and establishing security guardrails.
Experience conducting AI threat modeling, model governance assessments, and data protection initiatives.
Knowledge of AI security risks, including prompt injection, data poisoning, model extraction, adversarial attacks, and supply chain threats.
Understanding of AI/ML model lifecycles, including model training, fine-tuning, deployment, monitoring, evaluation, and drift detection.
Experience integrating AI telemetry and monitoring into security operations.
Strong understanding of application security, API security, container security, Kubernetes security, network segmentation, secrets management, and identity-centric security controls.
Experience with risk management frameworks, governance programs, and compliance requirements.
Strong communication, leadership, analytical, and problem-solving skills.
Ability to communicate complex technical risks and recommendations to both technical and business stakeholders.
Preferred Qualifications
Experience securing large language models (LLMs), vector databases, AI agents, and model APIs.
Knowledge of AI governance frameworks such as NIST AI RMF, ISO/IEC 42001, EU AI Act, or similar standards.
Experience with Infrastructure as Code (IaC) security, including Terraform, CloudFormation, or similar technologies.
Experience with container security and Kubernetes environments.
Familiarity with Zero Trust architectures and identity-centric security models.
Experience leading AI red teaming exercises and advanced security assessments.
Experience in financial services or other highly regulated industries.
Certifications
CISSP (Certified Information Systems Security Professional)
CCSP (Certified Cloud Security Professional)
OSCP (Offensive Security Certified Professional)
GIAC Certifications
Cloud Security Certifications (AWS, Azure, or GCP)