Назад
Company hidden
3 дня назад

AI Security Engineer

150 000 - 178 000$
Формат работы
hybrid
Тип работы
fulltime
Грейд
middle
Английский
b2
Страна
US
Вакансия из списка Hirify.GlobalВакансия из Hirify RU Global, списка компаний с восточно-европейскими корнями
Для мэтча и отклика нужен Plus

Мэтч & Сопровод

Для мэтча с этой вакансией нужен Plus

Описание вакансии

Текст:
/

TL;DR

AI Security Engineer (AI/LLM Security): Strengthen the security of AI-enabled products, internal AI tools, and agentic AI infrastructure across the AI lifecycle with an accent on identifying, assessing, and reducing AI-specific risks. Focus on building scalable AI security controls, detection logic, and governance-aligned safeguards while improving defenses against prompt injection, jailbreaking, RAG data poisoning, and data leakage.

Location: Hybrid (Denver, CO) — in office at least 3 days/week

Salary: $150,000–$178,000 USD

Company

hirify.global builds legal technology solutions and advances AI across its products and internal platforms.

What you will do

  • Identify, assess, and reduce risks across the AI lifecycle for AI-enabled products, internal tools, and agentic AI infrastructure.
  • Partner with Product, Engineering, GRC, IT, and Security to guide AI adoption, vendor/model integrations, data handling, and acceptable use.
  • Defend against AI-specific threats such as prompt injection, jailbreaking, insecure outputs, RAG data poisoning, model abuse, data leakage, and indirect context manipulation.
  • Improve security for LLM-connected application surfaces, including MCP server integrations, agent workflows, tool-call authorization boundaries, and SaaS interconnects.
  • Build and maintain AI security controls, tooling, testing pipelines, detection logic, playbooks, and documentation to continuously validate AI behavior.
  • Extend identity governance and secrets management to AI agents and non-human identities, including access scoping, credential lifecycle, inventory, deprovisioning, and audit logging.

Requirements

  • 3–6 years of cybersecurity experience, including 1–2 years focused on AI/ML security, application security, or a related combination in a cloud-native SaaS or enterprise software environment.
  • Working knowledge of LLM security risks and mitigations, including OWASP LLM Top 10 concepts (prompt injection, insecure output handling, RAG poisoning, DoS, and sensitive information disclosure).
  • Hands-on application security fundamentals: threat modeling, SAST/DAST, API security, secrets management, secure SDLC, and CI/CD pipeline security.
  • Technical proficiency with scripting/automation and AI/ML security tooling and platforms (e.g., LangChain, RAG pipelines, vector databases, Azure OpenAI, Amazon Bedrock).
  • Experience securing Azure and/or AWS environments, including IAM, network segmentation, containers, Kubernetes, infrastructure-as-code scanning, and cloud-hosted AI workloads.
  • Strong communication and analytical skills to explain complex AI security risks to technical and non-technical audiences and drive remediation independently.

Nice to have

  • Certifications such as CAISP, CISSP, CEH, GPEN, or AWS/Azure security specialties.
  • Experience with AI red teaming/adversarial ML testing tools (e.g., Garak, PyRIT, Counterfit) and/or AI bug bounty programs.
  • Familiarity with AI governance frameworks and standards (e.g., ISO 42001, NIST AI RMF, EU AI Act, SOC 2 Type II, ISO 27001).
  • Experience in B2B SaaS and regulated legal technology environments, including security reviews, RFP responses, due diligence questionnaires, or security-focused sales support.

Culture & Benefits

  • Hybrid work in Denver with expectations to be in office at least 3 days per week.
  • Collaborative team culture focused on integrity and support.
  • Company bonus plan eligibility and comprehensive benefits package (medical, dental, vision, 401(k) with company match).
  • Opportunity for growth through stretch assignments, visibility, and career development.
  • Work at the intersection of legal technology and cutting-edge AI.

Hiring process

  • Interviews to evaluate AI security expertise, application security fundamentals, and ability to communicate risks and drive remediation.
  • Discussions to align on AI governance/security expectations and practical experience with cloud and AI security controls.

Будьте осторожны: если работодатель просит войти в их систему, используя iCloud/Google, прислать код/пароль, запустить код/ПО, не делайте этого - это мошенники. Обязательно жмите "Пожаловаться" или пишите в поддержку. Подробнее в гайде →