Lead Security Engineer - Artificial Intelligence

About The Position

Requirements

• Bachelor's degree or direct and applicable work experience.
• 7+ years of experience working in architecting of server or network controls in any of the following: DevOps, DevSecOps, Identity and Access Management (IAM), system virtualization, Windows and Linux Security, Cloud Security, Network and Network Security, Active Directory, Java, XML, JSON, Azure, AWS, MySQL, Federation, SSO.
• Knowledge of compliance and regulatory program requirements, such as HIPAA, ISO 27000, NIST, FISMA, and SOC standards.
• Experience architecting and designing security solutions at the enterprise level.
• Strong knowledge of high-scale cloud systems within multiple accounts and how they can be secured using agreed best practices.
• Experience with DevSecOps and automation in highly scalable environments.
• Strong analytical and problem-solving skills.
• A certain degree of creativity, innovation and latitude is required (the ability to think outside the box when faced with challenges).
• High attention to detail while completing tasks and processes.
• Ability to prioritize to maximize personal efficiency.
• Ability to help design solutions for cybersecurity problems.
• Strong compliance and regulatory-focused customer service orientation with effective verbal and written communication skills working with technical and non-technical personnel, with the ability to address all levels of leadership, business, technical, and non-technical staff.

Nice To Haves

• Experience with creating/managing AI Agent IDs and MCP servers and integrations
• Strong proficiency in Python for AI workflows, automation, and orchestration
• Experience with RAG pipelines, embeddings, APIs, and AI service integration
• Understanding of AI lifecycle risks
• Strong experience securing AI workloads on AWS & Azure
• Experience with Cloud Hardening Best Practices.
• Strong Infrastructure-as-Code (IaC) for Cloud, preferably Terraform
• Strong background in application security, cloud security, and IAM
• Experience embedding security into CI/CD, IaC, and SDLC workflows
• Automation experience using Python, PowerShell, Bash, and APIs
• Strong RHEL Linux skills, especially at the command line level.
• Strong understanding of AI/LLM-specific threats such as prompt injection, data poisoning, model theft, adversarial attacks, sensitive data leakage, etc.
• Experience implementing AI security controls such as guardrails, content filtering, input/output validation, RBAC for AI systems, secure prompt handling, and AI audit logging
• Understanding of secure AI architecture and AI governance frameworks
• Familiarity with: OWASP Top 10 for LLM Applications
• NIST AI Risk Management Framework
• Responsible AI and AI compliance practices
• SIEM, threat detection, and vulnerability management.
• Previous experience with integrating AI with SIEM systems

Responsibilities

• Secure corporate AI capabilities used in enterprise applications
• Establish Best Practices for model implementation, versioning, monitoring and governance for AI Systems on the Enterprise.
• Design/Implement guardrails for AI code-generation tools used in developer workflows
• Enable and implement safe AI-assisted development across IDEs, CI/CD pipelines, and local developer environments
• Support model selection and integrations within the organization (Claude class, GPT-class, and similar platforms)
• Engineer and secure Microsoft Agents, Copilot-style workflows, and agent-driven automation.
• Prevent insecure code generation, prompt leakage, and unsafe agent behavior while preserving developer velocity
• Identify risk-related issues and architect solutions to avoid potential security incidents and business impact.
• Create architecture policies aligning with industry best practices for cybersecurity and resiliency.
• Design security for monitoring, logging, IAM, encryption, data protection, detection. and preventive controls.
• Provide expertise and best practices for implementing cloud security and secured code detection and prevention.
• Deploy strong identity and access management (IDAM) controls across applications and computing environments.
• Develop and maintain secure, resilient enterprise-grade cloud processes in tandem with architects and system engineers.
• Actively monitor, assess, and recommend tactical and strategic initiatives based on new and emerging threats posing risk to cloud computing environments.
• Align with architects to create secure workloads in AWS, Microsoft Azure and Google Cloud.
• Advise and design with commercial and open-source security tools and controls.
• Communicate security posture to cybersecurity leaders, stakeholders, IT and developers.
• Design for integrated security controls, workflows, data protection, authentication and authorization.
• Acts as technical architect for Windows, Linux, VMware, Kubernetes, Docker and others used to support business needs.
• Other duties as assigned.

Benefits

• Wellmark is building innovative, modern solutions using cutting edge technology.
• We are driving organizational transformation and business strategy by empowering our technology team to innovate new and elegant solutions to enhance the customer experience.
• Together, we are leaning into the future, owning the outcome, and driving organizational change to transform how we work.