Job Title: AI Security Engineer (GRC)
Location: Remote
Employment Type: W2 Only (No OPT)
Job Summary:
We are seeking an experienced AI Security Engineer (GRC) to lead secure AI adoption within a HIPAA-regulated healthcare environment. This role will act as a subject matter expert at the intersection of AI and cybersecurity, focusing on vendor risk assessment, secure implementation, and governance of AI/LLM platforms.
Key Responsibilities:
• Conduct security assessments of AI vendors and tools prior to adoption
• Evaluate data handling, model transparency, and compliance posture of AI platforms
• Provide secure implementation guidance for AI tools including Copilot Studio, Azure AI, Snowflake Cortex, and LLM-based systems
• Review and secure AI integrations such as APIs, MCP servers, agentic workflows, and CLIs
• Enforce secure configurations, authentication standards, and least-privilege access controls
• Perform AI threat modeling, risk assessments, and red-team exercises
• Maintain AI risk register aligned with NIST AI RMF
• Ensure compliance with HIPAA, HITECH, and security policies
• Review AI architecture for data security, PHI protection, and trust boundaries
• Support governance, security approvals, and CAB processes for AI deployments
• Develop security policies, standards, and training for AI adoption
Required Qualifications:
• Bachelor's degree in Cybersecurity, Computer Science, or related field
• 7+ years of experience in Information Security
• 2+ years of experience in AI/ML security or AI technology evaluation
• Hands-on experience with AI tools such as Azure AI, Copilot, OpenAI/Claude APIs, or similar
• Strong knowledge of AI/LLM security risks (prompt injection, data leakage, model attacks)
• Experience with vendor risk assessments and security documentation
• Understanding of frameworks: NIST AI RMF, HITRUST, OWASP (LLM Top 10)
• Experience in HIPAA-regulated environments (Healthcare preferred)
Technical Skills:
• Identity & Access Management (OAuth2, OIDC, SAML)
• API and Network Security
• AI/LLM frameworks (LangChain, AutoGen, Semantic Kernel)
• Threat modeling (STRIDE, PASTA)
• Cloud security (Azure preferred)
• SIEM/SOAR and logging practices
Nice to Have:
• Experience with AI red-teaming tools (Garak, PyRIT, PromptBench)
• Knowledge of MITRE ATT&CK / ATLAS
• Familiarity with EU AI Act and healthcare AI regulations
• Experience securing AI CLIs and agentic workflows
HR
Xlysi LLC, Expert Portal Solutions 251 Milwaukee Ave, Buffalo grove, IL 60089
Web : http://www.xlysi.com
E-mail:
[email protected] Our training portal registration:
http://xlysi.catsone.com/careers/index.php?m=portal&a=apply&jobOrderID=345179&portalID=2106
