AI Security Analyst

About The Position

Requirements

• 3–7 years of experience in information security, security operations, application security, or related fields.
• Working knowledge of:
• Familiarity with AI concepts, architectures, and common risks (e.g., OWASP Top 10 for LLMs).
• Experience supporting compliance/audit activities (SOC 2, PCI, HIPAA, ISO).
• Strong communication skills and ability to collaborate in a fast-paced SaaS environment.
• Demonstrated experience leveraging AI tools and technologies to improve workflows, enhance decision-making, or drive innovation.

Nice To Haves

• Hands-on experience securing AI/LLM applications or internal AI tools (e.g., guardrails, monitoring).
• Deep knowledge of AI governance frameworks (NIST AI RMF, ISO 42001).
• Background in SOC operations or regulated industries (fintech, payments, healthcare, legal tech).
• Experience with privacy/data protection controls in AI contexts.

Responsibilities

• Identify and mitigate key AI-specific threats, including: Prompt injection, jailbreaking, and adversarial inputs
• Sensitive information disclosure (e.g., data leakage via inputs/outputs)
• Insecure output handling and excessive agency
• Model misuse, abuse, or overreliance
• Supply chain vulnerabilities in third-party AI services/models
• Inference-side attacks and exfiltration risks
• Partner with Engineering, Product, Legal, and Privacy teams to review AI use cases, conduct risk assessments, and recommend controls before production deployment.
• Evaluate third-party AI vendors and services for security posture.
• Develop, implement, and enforce technical and policy-based guardrails (e.g., input/output filtering, usage policies) for responsible AI adoption.
• Support AI-related incident response, investigation, and post-incident analysis.
• Perform SOC-style monitoring, alert triage, and investigation across cloud, application, and AI-enabled systems (including AI API usage and data flows).
• Enhance detection rules and logging for AI-specific activity.
• Contribute to threat modeling, particularly for AI integrations.
• Support audit readiness and compliance with: SOC 2, PCI DSS, HIPAA (as applicable), ISO standards
• Emerging AI frameworks (e.g., NIST AI RMF, ISO 42001, OWASP Top 10 for LLMs)
• Document AI security controls, risk assessments, and evidence for audits.
• Collaborate with Privacy and Compliance teams to align AI usage with data protection obligations.
• Monitor evolving AI regulations and translate them into actionable controls.
• Serve as the go-to security advisor on AI initiatives, acting as an enabler of innovation.
• Educate stakeholders on AI risks, best practices, and secure usage patterns.

Benefits

• Health Insurance Coverage: We offer our 8Team a variety of medical, dental, and vision plans, designed to fit your needs, including a 100% company-paid HDHP plan for employees.
• Financial perks: We offer a competitive compensation and benefits package including annual bonuses, equity options and 401(k) or RRSP if in Canada, with a company match for all team members.
• Time for what matters: Flexible Time Off, paid holidays, and a parental leave program for our new parents.
• Wellness: Wellness stipends, mental health support, and one-on-one nutrition coaching.
• Learning and Development: Continuous learning through 8am.edu, leadership programs, professional development funds, and individually focused talent development.
• Giving back to the communities around us: Participate in our charitable matching gift program, paid time off for volunteer service, and company-sponsored volunteer events (both local and virtually).
• Engagement: Virtual and in-person team-building events, quarterly award recognition through our Rise & Shine Award of Excellence Program, and our peer-to-peer appreciation platform.