Responsibilities
- Evaluate and improve the security of artificial intelligence and machine learning systems, including large language models, generative AI workflows, and model deployment environments, by identifying weaknesses, potential attack vectors, and shortcomings relative to established standards such as the OWASP LLM Top 10 and MITRE ATLAS.
- Conduct threat modeling focused on AI-based workloads, addressing risks like adversarial inputs, prompt injection attacks, model inversion, training data contamination, and third-party supply chain threats across cloud, on-premise, and local AI implementations.
- Guide internal teams in the secure adoption of SaaS-based AI platforms and APIs—such as OpenAI, Azure OpenAI, and Bedrock—focusing on credential protection, output validation, and secure data handling.
- Assess data ingestion processes, retrieval-augmented generation (RAG) designs, and vector database configurations to mitigate risks of data leakage, unauthorized access, or regulatory non-compliance through model responses.
- Act as a security liaison connecting business leaders, data science teams, IT staff, and cybersecurity professionals to address AI-related threats and governance concerns.
- Monitor advancements in AI security research, emerging attack methods, compliance requirements, and vendor advisories to ensure guidance remains current and forward-looking.
- Create and update architectural security documentation, risk analyses, control frameworks, and operational policies specific to AI deployments.
- Support the creation of long-term AI security strategies, including prioritized risk mitigation plans, maturity evaluations, and technology investment guidance.
- Design and deliver training programs for technical and non-technical audiences on AI-specific threats, ethical AI use, and secure development practices for AI-integrated applications.
Work Arrangement
Remote (Country) — VA, MD, PA, NC, DE, NJ, DC