AI Security & Compliance Engineer (AI/ML Security / GenAI Risk / Cloud Security / DevSecOps)
Quick Overview
Job Description
AI Security & Compliance Engineer (AI/ML Security / GenAI Risk / Cloud Security / DevSecOps)
Location: 210 Hudson Street, Jersey City, NJ, 07311 (3-4 days onsite per week)
Interview: May require an in-person (F2F) interview after video Interview
About the Role
seeking an AI Security & Compliance Engineer to ensure AI and GenAI systems on AIRP (AI Ready Platform) are designed, deployed, and operated securely and in compliance with enterprise technology, cybersecurity, privacy, and regulatory standards. The role covers emerging LLM risks as well as traditional AWS cloud, application, data-security, DevSecOps, and IaC controls.
Client-Specific Emphasis
- Security must cover AWS-hosted AIRP, Terraform/IaC templates, CI/CD pipelines, cloud engineering patterns, AI applications, and model/data access controls.
- The role must help create reusable controls that work across multiple business AI use cases and can support the broader cloud-agnostic blueprint.
- Power Platform / Copilot Studio governance, data-loss prevention, connector controls, and citizen-development oversight are valuable plus areas.
Primary Ownership
- Security architecture and control implementation for AI platforms, LLM applications, RAG pipelines, model-serving environments, and agentic systems.
- Threat modeling, AI red teaming, vulnerability assessment, risk remediation, and secure production approvals.
- Security evidence, control documentation, and compliance support for AIRP releases, Terraform/IaC, and DevOps pipelines.
Key Responsibilities
- Design and review secure architectures for AI/ML platforms, LLM applications, RAG pipelines, model-serving environments, and agentic AI workflows.
- Conduct threat modeling for prompt injection, jailbreaks, insecure tool use, model inversion, data leakage, retrieval poisoning, adversarial inputs, unauthorized access, and third-party model risk.
- Implement controls for AWS IAM, encryption, key management, secrets management, network segmentation, API security, logging, secure data handling, and data-loss prevention.
- Embed security into MLOps, LLMOps, CI/CD, container security, infrastructure-as-code, Terraform modules, and deployment pipelines.
- Review cloud-agnostic IaC templates and AWS-specific deployments for least privilege, secure defaults, segregation of duties, policy compliance, and auditability.
- Review third-party models, APIs, open-source packages, AI tools, and vendor platforms for security, privacy, model supply-chain, and compliance risks.
- Build monitoring and alerting for suspicious AI usage, anomalous access, policy violations, unsafe interactions, and potential data leakage.
- Support AI red teaming, penetration testing, vulnerability management, incident response, remediation planning, and production-readiness reviews.
- Maintain audit-ready documentation for controls, testing, risk acceptance, remediation, and production approvals.
Must-Have Qualifications
- Strong background in cybersecurity, cloud security, application security, DevSecOps, or technology risk.
- Experience securing cloud-native platforms, APIs, microservices, containers, Kubernetes, CI/CD pipelines, and infrastructure-as-code.
- Strong AWS cloud security exposure or comparable hyperscaler security depth, including IAM, encryption, network controls, logging, secrets, and secure deployment patterns.
- Understanding of AI/ML and GenAI-specific risks such as prompt injection, adversarial attacks, data leakage, model misuse, retrieval poisoning, model supply-chain risk, and unsafe tool use.
- Familiarity with threat modeling, vulnerability management, security testing, incident response, secure SDLC, DevSecOps, and Terraform/IaC controls.
- Ability to work directly with engineering teams to implement practical, risk-based controls.
Preferred Experience
- Experience securing AI/ML platforms or GenAI applications in production.
- Financial-services security, technology risk, regulatory, compliance, privacy, or audit experience.
- Familiarity with AI red teaming, secure RAG design, LLM gateways, Power Platform governance, Copilot Studio controls, data-loss prevention, and privacy-by-design controls.
eye
Skills
Similar jobs
Information Security Engineer 4 - Contingent
PTR Global · Charlotte, United States
1 minute ago$75 - $80/hrInformation Security Engineer 3
PTR Global · Charlotte, United States
3 minutes ago$55 - $60/hrCyber Threat Analyst Level 2 with Security Clearance
Altamira Technologies · Annapolis Junction, United States
5 minutes agoSecurity Specialist II (COMSEC/PHYSEC/INFOSEC/PERSEC/OPSEC) with Security Clearance
ProSync Technology Group · naval support activity crane, United States
6 minutes agoCyber Process Engineer with Security Clearance
Peraton · Fort Meade, United States
6 minutes ago$146k - $234k/yrSecurity Specialist I (COMSEC/PHYSEC/INFOSEC/PERSEC/OPSEC) with Security Clearance
ProSync Technology Group · naval support activity crane, United States
6 minutes ago