Distinguished Engineer – AI Security

About The Position

Requirements

• AI Security Frameworks: MITRE ATLAS, NIST RMF, ISACA AI Audit Toolkit, and emerging ISO/IEC AI security standards.
• AI Technologies: Expert conceptual and hands-on implementation knowledge of core ML and generative AI technologies including transformer-based NLP, LLM-based generative AI and agentic AI.
• AI Risk Management & Model Security: Threat modeling, adversarial defenses, model lifecycle security, and vulnerability management.
• Data Privacy & Protection: Privacy-enhancing technologies (PETs), secure data handling patterns, and regulatory alignment (e.g., HIPAA, GDPR).
• Infrastructure Security: Zero Trust architectures, secure AI pipelines, and cloud-based GenAI platform controls.
• Governance & Compliance: Policy development, risk indicators, regulatory interpretation, and audit support for AI systems.
• Leadership & Collaboration: Ability to influence engineering, legal, privacy, and business stakeholders.
• 15+ years of AI experience, including significant depth in advanced technical or architectural roles.
• 5+ years of cybersecurity experience defining and integrating security standards and controls that aligned to established frameworks such as NIST CSF.
• Deep expertise in AI security concepts such as adversarial ML, secure model deployment, AI agent authorization, AI data loss protection, AI safety, and AI risk management.
• Strong background in Zero Trust architecture and hybrid infrastructure security.
• Demonstrated ability to lead and influence large-scale, cross-functional security initiatives.
• Hands-on experience building, deploying, and securing AI systems and platforms in enterprise environments.
• Practical experience applying AI security and risk management frameworks in real-world engineering contexts.

Nice To Haves

• CISSP and/or CISM preferred.
• AI security, cloud security, or data protection–focused certifications are a plus.

Responsibilities

• Define and help execute the enterprise AI security strategy, spanning secure model selection, development, and deployment criteria, adversarial threat mitigation, and alignment with emerging AI governance requirements.
• Design, build, and maintain reusable AI security frameworks, reference patterns, and technical standards for model integrity, secure data pipelines, and privacy-preserving machine learning.
• Perform hands-on security assessments of AI systems, identify risks, and provide mitigation guidance based on AI security posture management and detection findings.
• Drive innovation in AI security techniques, controls, and tooling through applied research and practical implementation.
• Apply and guide the application of AI security frameworks such as MITRE ATLAS, NIST RMF, and emerging ISO/IEC AI standards to secure the end-to-end AI lifecycle.
• Apply Zero Trust principles to hybrid and cloud infrastructure environments supporting AI workloads, including workload identity, segmentation, and continuous verification.
• Partner closely with Enterprise Architecture and Platform Engineering to integrate AI security controls into infrastructure design patterns and shared services.
• Guide and, where appropriate, directly implement security capabilities across on-premises and cloud platforms to ensure consistent protection for AI and traditional systems.
• Hands-on Engineering & Prototyping: Design and build proof-of-concept solutions, reference implementations, and reusable components to validate AI security and infrastructure security approaches. Provide ongoing technical support to teams implementing enterprise patterns and components.
• Framework and Pattern Development: Architect repeatable security patterns and guardrails that can be adopted by data science, engineering, and platform teams.
• Technology Evaluation: Research emerging AI and infrastructure security technologies to assess enterprise applicability and maturity. Ensure that enterprise components and solution architectures leverage the best commercial and open-source software and services available, and that the resulting AI security stack is minimally complex and massively scalable and economic.
• Technical Innovation: Translate emerging threats, research, and regulatory guidance into practical, actionable engineering solutions.
• Provide expert design reviews and technical oversight for AI systems, platforms, and infrastructure architectures.
• Define and evolve AI security and infrastructure security standards in partnership with governance stakeholders.
• Advise on security-related business cases and strategic investments for AI platforms and capabilities.
• Serve as a trusted advisor and mentor to security, platform, and engineering teams on AI security best practices.
• Advise on enterprise response to emerging AI security threats.
• Set and guide technical direction for AI security and adjacent infrastructure security domains based on hands-on engineering insight.
• Influence enterprise technology strategy for secure AI adoption through thought leadership and practical guidance.
• Contribute to industry and internal thought leadership through publications, presentations, patents, or standards.
• Influence key technology partners and solution providers to ensure that their solutions comply with CVS Health AI Security standards.

Benefits

• Affordable medical plan options, a 401(k) plan (including matching company contributions), and an employee stock purchase plan.
• No-cost programs for all colleagues including wellness screenings, tobacco cessation and weight management programs, confidential counseling and financial coaching.
• Benefit solutions that address the different needs and preferences of our colleagues including paid time off, flexible work schedules, family leave, dependent care resources, colleague assistance programs, tuition assistance, retiree medical access and many other benefits depending on eligibility.