AI Security Engineer

Job Summary

We are hiring an AI Security Engineer for one of our customers in the healthcare industry. This role sits at the intersection of AI Security Architecture and Offensive Security. Primary Responsibility shall be to closely work with AI developers and platform teams to design and securely implement runtime guardrails and observability in the application. Additionally, shall work alongside penetration testers to build threat models and operationalize a continuous AI red-teaming practice embedded into CI/CD.

Responsibilities

• Assist with AI Threat Modeling and guide AppSec teams.
• Guide AppSec teams on threat modeling for AI/LLM systems across the full lifecycle.
• Help develop and maintain AI-specific threat models aligned with OWASP, NIST, ISO and additionally cater to regional or country level regulatory complainces.
• Translate threat models into concrete architectural controls, security requirements, and acceptance criteria for AI features.
• Lead efforts to assure secure implementation and runtime visibility/enforcement and shall be required to work closely with AI / ML developers.
• Input & Output Protection: Implement robust input sanitization, validation, output redaction, and data exfiltration prevention across prompts, documents, multimodal inputs, and model responses.
• LLM Security Controls & Detection: Deploy and tune LLM security frameworks for PII/PHI protection, prompt injection prevention, toxicity detection, prompt hardening, and adaptive/semantic threat detection.
• Monitoring, Logging & Auditability: Implement comprehensive, compliant logging of raw & sanitized inputs/outputs, model responses, & tool invocations, & publish real-time AI security indicators (e.g., prompt injection confidence, anomalous tool usage, behavioral drift) for SOC monitoring & audits.
• Secure Architecture & Engineering Enablement: Enforce architectural safeguards (human-in-the-loop, least privilege) and embed AI security requirements into application code and internal engineering guidelines in close collaboration with development teams.
• Automated AI Security Testing in CI/CD: Integrate prompt fuzzing, jailbreak regression tests, adversarial RAG testing, and guardrail regression detection into CI/CD pipelines.
• LLM-Specific Attack Simulation: Lead and support testing for direct and indirect prompt injection, document-based and multimodal injection, RAG poisoning, data integrity attacks, tool abuse, and agentic escalation scenarios.
• Offensive Security Tooling: Operationalize AI red-teaming tools such as Garak, LLMFuzzer, and custom adversarial test cases to continuously validate model and system resilience.
• Feedback Loop & Adaptive Defense: Ensure red-team findings directly feed into guardrail tuning, detection signature updates, and vector-based attack memory to strengthen adaptive defenses over time.
  
  

• Experience Level: Senior (8+ years)
• Bachelors degree in Computer Science, Cybersecurity, or a related field; Master’s degree preferred.
• Strong background in application development and machine learning, with recent hands-on experience in modern AI technologies including LLMs and agentic system design.
• Solid understanding of application security principles and secure software development practices.
• Proven experience building applications leveraging LLMs, ML pipelines, and AI-enabled systems in production environments
• Proven experience building applications leveraging LLMs, ML pipelines, and AI-enabled systems in production environments
• Comfortable collaborating cross-functionally with AI/ML, platform engineering, and offensive security (red team) teams to embed security throughout the AI development lifecycle.