Job Title
AI Security Engineer

Job Summary
We are seeking an AI Security Engineer to design, implement, and maintain security controls for AI/ML systems throughout their lifecycle. The role focuses on securing AI applications, protecting models and data, identifying AI-specific threats, and ensuring compliance with security and privacy standards. You will work closely with AI engineers, data scientists, DevOps, and cybersecurity teams to build secure, resilient, and trustworthy AI solutions.
Key Responsibilities
- Design and implement security controls for AI/ML applications and infrastructure.
- Perform threat modeling for AI systems and identify potential attack vectors.
- Secure model training, deployment, and inference pipelines.
- Conduct security assessments, penetration testing, and vulnerability analysis for AI applications.
- Protect sensitive training and inference data using encryption and access controls.
- Monitor AI systems for adversarial attacks, prompt injection, model abuse, and anomalous behavior.
- Implement secure authentication, authorization, and secrets management.
- Secure APIs, LLM applications, and Retrieval-Augmented Generation (RAG) architectures.
- Collaborate with DevSecOps teams to integrate security into CI/CD and MLOps pipelines.
- Ensure compliance with organizational security policies and industry regulations.
- Respond to security incidents involving AI systems and recommend mitigations.
- Document security architecture, policies, and best practices.
Required Skills

AI & Machine Learning Security
- AI/ML lifecycle security
- LLM security
- Prompt injection prevention
- Adversarial machine learning
- Model poisoning detection
- Data poisoning mitigation
- Model theft and extraction prevention
- AI model monitoring
- Secure model deployment
- AI risk assessment
Cybersecurity
- Secure Software Development Lifecycle (SSDLC)
- Threat modeling
- Identity and Access Management (IAM)
- Zero Trust principles
- API security
- Network security
- Application security
- Vulnerability assessment
- Penetration testing
- Incident response
- Encryption and key management
Programming
- Python
- SQL
- Bash
- JavaScript (preferred)
Cloud Security
- AWS Security
- Azure Security
- Google Cloud Platform (GCP) Security
- Cloud IAM
- Cloud logging and monitoring
DevSecOps
- Docker
- Kubernetes
- CI/CD pipelines
- GitHub Actions
- Jenkins
- Infrastructure as Code (Terraform)
AI Frameworks & Tools
- TensorFlow
- PyTorch
- Hugging Face Transformers
- MLflow
- Kubeflow
- LangChain or similar orchestration frameworks
Security Tools
- SIEM platforms
- Burp Suite
- OWASP ZAP
- Nessus
- Splunk
- Microsoft Defender
- CrowdStrike
Preferred Qualifications
- Bachelor's or Master's degree in Computer Science, Cybersecurity, AI, or a related field.
- 3-8+ years of experience in cybersecurity, cloud security, DevSecOps, AI security, or application security.
- Experience securing AI/ML or Generative AI applications in production.
- Knowledge of secure coding practices and cloud-native security.
Nice-to-Have Skills
- LLMOps
- Retrieval-Augmented Generation (RAG)
- Vector database security
- Secure AI agents
- AI governance and responsible AI
- Privacy-preserving machine learning
- Differential privacy
- Federated learning
- Secure enclaves and confidential computing
- Supply chain security for AI models
Certifications (Preferred)
- Certified Information Systems Security Professional (CISSP)
- Certified Cloud Security Professional (CCSP)
- Certified Ethical Hacker (CEH)
- CompTIA Security+
- AWS Certified Security - Specialty
- Microsoft Certified: Azure Security Engineer Associate
- Google Professional Cloud Security Engineer
- Offensive Security Certified Professional (OSCP) (preferred for offensive security roles)
Example Tech Stack
- Languages: Python, SQL, Bash
- Cloud: AWS, Azure, GCP
- Containers: Docker, Kubernetes
- Infrastructure as Code: Terraform
- AI Frameworks: PyTorch, TensorFlow, Hugging Face
- LLM Frameworks: LangChain, LlamaIndex
- MLOps: MLflow, Kubeflow
- Security: OWASP ZAP, Burp Suite, Nessus, Splunk
- Monitoring: Prometheus, Grafana
- Version Control: Git, GitHub
Common Interview Topics
- AI threat modeling
- Prompt injection and jailbreak attacks
- Adversarial machine learning
- Data and model poisoning
- Model extraction and inversion attacks
- Secure LLM application architecture
- API security and authentication
- Cloud security for AI workloads
- DevSecOps practices
- Secure CI/CD for AI applications
- AI governance and compliance
- Incident response for AI systems
- Encryption, secrets management, and identity management
- AI supply chain security (models, datasets, dependencies)