AI Security Specialist

Ssg, New York, NY

About The Position

The AI Security Specialist safeguards the firm's use of artificial intelligence — from Microsoft Copilot and generative AI tools to internal ML models and third-party AI services. This role establishes guardrails, monitors AI usage, evaluates emerging AI products, and ensures all AI deployments meet legal, regulatory, and client confidentiality obligations.

Requirements

  • 5+ years in information security, with 2+ years focused on AI/ML security or AI governance.
  • Demonstrated hands-on AI red team experience — including prompt injection and jailbreak testing, adversarial ML techniques, LLM/agent abuse scenarios, and structured engagements aligned to OWASP Top 10 for LLMs and MITRE ATLAS.
  • Proficiency with AI red teaming tooling such as Microsoft PyRIT, NVIDIA Garak, Promptfoo, Giskard, or comparable frameworks; ability to author custom probes and harnesses.
  • Strong working knowledge of LLM architectures, RAG systems, and AI agent frameworks.
  • Experience securing Microsoft 365 Copilot, Azure OpenAI, Anthropic Claude or comparable enterprise AI platforms.
  • Understanding of data classification, DLP, and identity governance (Purview, Entra).
  • Bachelor's degree in Computer Science, Cybersecurity, or related field.
  • Candidates must hold one or more of the following: CISSP — Certified Information Systems Security Professional (ISC²), CISM — Certified Information Security Manager (ISACA).

Nice To Haves

  • Experience in a law firm, financial services, or other highly regulated environment.
  • Prior participation in AI/ML CTFs, bug bounties (e.g., HackerOne AI programs), or published AI red team research.

Responsibilities

  • AI Risk Assessment — Evaluate security, privacy, and compliance risks of AI tools before adoption (Copilot, ChatGPT Enterprise, Anthropic Claude, e-discovery AI, etc.).
  • Threat Detection — Monitor for AI-specific threats: prompt injection, model poisoning, data exfiltration via LLMs, and shadow AI usage.
  • Vendor & Model Review — Conduct security reviews of AI vendors, including data residency, training data usage, retention, and SOC 2 / ISO 42001 posture.
  • Data Protection — Partner with other business units to prevent privileged client data, work product, and PII from leaking into public or improperly governed AI systems.
  • Incident Response — Lead investigation and response for AI-related incidents (data leakage, model abuse, compromised AI accounts).
  • AI Red Teaming — Plan and execute adversarial testing programs against internal and vendor AI systems: prompt injection, jailbreaks, data exfiltration, model inversion, training data extraction, and agent abuse. Coordinate engagements with external red teams for high-risk deployments and translate findings into prioritized remediations.
  • Training & Awareness — Build and deliver AI security training and advice on safe use of AI.
  • Regulatory Alignment — Track and operationalize NIST AI RMF, EU AI Act, NY DFS Part 500, and client-specific AI requirements.