AI Security Engineer - Mid-Atlantic region (Remote in VA, MD, PA, NC, DE, NJ, or DC)

Roles and Responsibilities

• AI Security Architecture & Assessment: Advise on and assess the security posture of AI/ML systems, including LLMs, GenAI pipelines, and model serving infrastructure — identifying vulnerabilities, attack surfaces, and gaps against industry frameworks (e.g., OWASP LLM Top 10, MITRE ATLAS).
• Threat Modeling for AI Systems: Lead threat modeling exercises specific to AI workloads, covering adversarial inputs, prompt injection, model inversion, data poisoning, and supply chain risks across SaaS, self-hosted, and local AI deployments.
• Secure AI Integration Guidance: Advise internal teams on securely integrating SaaS AI services and APIs (e.g., OpenAI, Azure OpenAI, Bedrock) into enterprise applications, including safe handling of credentials, outputs, and user data.
• Data Security & Privacy Controls: Evaluate and recommend controls for data ingestion pipelines, RAG architectures, and vector databases to prevent unauthorized data exposure, leakage through model outputs, or non-compliant data processing.
• Collaboration & Stakeholder Engagement: Serve as a trusted security advisor bridging business stakeholders, AI/ML engineers, IT operations, and information security teams on all matters related to AI risk and security.
• Stay Current on AI Threat Landscape: Continuously track emerging AI security research, adversarial techniques, regulatory developments, and vendor security advisories to keep client guidance relevant and proactive.
• Security Documentation & Standards: Produce and maintain security architecture documentation, risk assessments, control frameworks, and guidelines tailored to the organization's AI environment.
• Strategic AI Security Roadmap: Contribute to the development of a long-term AI security strategy, including prioritized remediation roadmaps, capability maturity assessments, and investment recommendations.
• Security Awareness & Education: Develop and deliver training and awareness content for technical and non-technical stakeholders on AI-specific risks, responsible AI usage, and secure development practices for AI-powered applications.

Required Experience

• 5+ years of experience in security engineering with a significant focus on cloud security and/or AppSec
• Hands-on experience implementing, managing, securing, and supporting Agentic AI solutions within an enterprise context
• Familiarity with major cloud service provider AI-focused services such as AWS Bedrock, AWS SageMaker, Azure AI Foundry, or Google Vertex
• Proficiency in at least one relevant programming language, preferably Python
• Solid understanding of generative AI concepts