Principal Analyst - Responsible AI

About The Position

Requirements

• Bachelor's degree in STEM, Computer Science, or related field
• Minimum of 9 years of experience in related field
• Deep understanding of Generative Artificial Intelligence and its associated risks
• Ability to collaborate with development teams to build secure solutions, communicating risks and bringing consensus to diverse priorities
• Knowledge of common vulnerabilities and attack vectors against a GenAI model such as prompt attacks, training data extraction, and data poisoning
• Assessment, risk categorization, and application security testing tools
• Excellent problem solving, critical thinking, interpersonal, collaboration, written and verbal communication skills
• Knowledge of the fast-evolving industry standards, best practices, and reference architectures
• Solid understanding of secure network and system design in both cloud and conventional environments, as well as of network and web related protocols
• Excellent understanding of web applications, web servers, layer 7 application technologies, frameworks and protocols with respect to application development and deployment
• Ability to work independently and self-motivate
• Ability to strategically evaluate SaaS providers and their data storage policies
• Must be legally authorized to work in the United States for any employer without sponsorship
• Successful completion of interview required to meet job qualification
• Reliable, punctual attendance is an essential function of the position

Nice To Haves

• Master's degree
• Certified Ethical Hacker (CEH)
• GIAC Security Essentials (GSEC)
• Certified Information Security Manager (CISM)
• Comp TIA Security +
• Certified Information Systems Security Professional (CISSP)
• Certified Information Systems Auditor (CISA)
• Systems Security Certified Practitioner (SSCP)
• CompTIA Advanced Security Practitioner (CASP+)
• Offensive Security Certified Professional (OSCP)
• Minimum of 12 years of experience in related field, including any combination of the following: threat modeling, secure coding, identity management and authentication, software development, cryptography, system administration and network security, cloud computing
• Thought leadership publishing within the Responsible AI or Generative AI categy
• Familiar with waterfall and agile development processes and ability to integrate secure development practices into both models
• Experience with multiple programming languages
• Success in implementing effective Secure SDLC frameworks across a large corporation

Responsibilities

• Leads responsible architecture design evaluations and threat modelling of our products (both bought and built)
• Recommends and implements products/services that support operational needs and responsible AI requirements
• Promotes and contributes to the continuous improvement of our Responsible AI strategy through accurate, reusable documentation and education materials
• Perform code analysis of applications, manually and using SAST, DAST, and SCA scanning solutions as well as conducting manual vulnerability analysis
• Technical point of contact for product teams as it relates to Responsible AI at United
• Sought out as a trusted advisor/consultant and assists in the creation of security designs, requirements, risk monitoring and mitigation guidance in alignment with industry best practices and regulatory requirements
• Assist in leading the design, definition and implementation of security best practices and standards and ensure product development teams understand them

Benefits

• medical
• dental
• vision
• life
• accident & disability
• parental leave
• employee assistance program
• commuter
• paid holidays
• paid time off
• 401(k)
• flight privileges