JOB SUMMARY
Ensure AI and GenAI systems are designed, deployed, and operated securely and in compliance with enterprise technology, cybersecurity, privacy, and regulatory standards. The role focuses on emerging LLM risks as well as traditional cloud, application, and data-security controls.
Key Responsibilities
Design and review secure architectures for AI/ML platforms, LLM applications, RAG pipelines, model-serving environments, and agentic AI workflows.
Conduct threat modeling for prompt injection, jailbreaks, insecure tool use, model inversion, data leakage, retrieval poisoning, adversarial inputs, and unauthorized access.
Implement controls for IAM, encryption, secrets management, network segmentation, API security, logging, secure data handling, and data-loss prevention.
Embed security into MLOps, LLMOps, CI/CD, container security, infrastructure-as-code, and deployment pipelines.
Review third-party models, APIs, open-source packages, AI tools, and vendor platforms for security, privacy, and compliance risks.
Build monitoring and alerting for suspicious AI usage, anomalous access, policy violations, unsafe interactions, and potential data leakage.
Support AI red teaming, penetration testing, vulnerability management, incident response, and remediation planning.
Maintain audit-ready documentation for controls, testing, risk acceptance, and production-readiness reviews.
Required Qualifications
4+ years of experience with a strong background in cybersecurity, cloud security, application security, DevSecOps, or technology risk.
Experience securing cloud-native platforms, APIs, microservices, containers, Kubernetes, CI/CD pipelines, and infrastructure-as-code.
Understanding of AI/ML and GenAI-specific risks such as prompt injection, adversarial attacks, data leakage, model misuse, and unsafe tool use.
Familiarity with threat modeling, vulnerability management, security testing, incident response, and secure SDLC practices.
Ability to work directly with engineering teams to implement practical, risk-based controls.
Preferred Qualifications
Experience securing AI/ML platforms or GenAI applications in production.
Financial-services security, technology risk, regulatory, or audit experience.
Familiarity with AI red teaming, model supply-chain risk, secure RAG design, LLM gateways, and privacy-by-design controls.