AI Security Specialist (Fintech)

TL;DR

AI Security Specialist (Fintech): Designing and implementing security controls for LLM-powered features and internal AI workflows with an accent on prompt injection defenses and AI risk management. Focus on threat modeling AI systems, integrating guardrails into CI/CD, and establishing safe-use policies for AI developer tools.

Location: Worldwide. Hybrid work from hubs (Cyprus, Spain, Serbia, Kazakhstan) or remote. Relocation support available to mentioned hubs.

Company

hirify.global is a fintech company challenging the status quo of incumbent finances with high-tech solutions.

What you will do

• Define and maintain AI security standards and acceptable-use policies for AI developer tools like Copilot, Cursor, and Claude.
• Threat-model and secure customer-facing LLM features against prompt injection, prompt leakage, and authorization bypass.
• Secure internal AI agents and RAG systems by setting access boundaries, data-scope policies, and human-in-the-loop checkpoints.
• Conduct AI vendor risk assessments, reviewing DPAs, data residency, and model provenance.
• Partner with the SOC team to define AI-related security events and maintain a comprehensive AI risk register.
• Educate development and product teams on AI security best practices, including OWASP LLM Top 10 and MITRE ATLAS.

Requirements

• 2+ years in DevSecOps, Cloud/Infrastructure, or AppSec with demonstrable hands-on AI security work.
• Deep knowledge of LLM vulnerabilities: prompt injection, jailbreaks, and data leakage through model context.
• Hands-on experience with LLM APIs and orchestration frameworks, including RAG and agent-permission models.
• Strong Python scripting skills for building POCs, integrations, and AI guardrails.
• Foundational knowledge of AWS security (IAM, VPC, S3, KMS) and Kubernetes deployment security.
• Experience with CI/CD pipelines (GitLab CI preferred) and Infrastructure as Code (Terraform).

Nice to have

• AI red-teaming experience and proficiency with tools like Promptfoo, NeMo Guardrails, or Lakera Guard.
• Knowledge of AI governance frameworks such as NIST AI RMF, ISO/IEC 42001, or the EU AI Act.
• Fintech compliance context including PCI DSS, GDPR, and SOC 2.
• Public contributions to AI security research, CTFs, or open-source projects.
• Experience with Service Mesh (Istio) for securing inter-service AI traffic.

Culture & Benefits

• Relocation support for employees and their families to hubs in Cyprus, Spain, Serbia, or Kazakhstan.
• Flexible work arrangements, allowing for either remote work or office-based presence.
• Comprehensive healthcare coverage and a wellness budget for mental health and fitness.
• Education budget for language lessons, professional training, and certifications.
• Vacation policy providing 20 days of annual leave plus paid sick leave.