Professional Services Consultant - AI Security

About The Position

Requirements

• 5+ years of experience in cyber security, risk management, and/or application development security with strong foundational knowledge of cybersecurity principals
• 5+ years of experience in a customer-facing role (e.g., consulting, professional services, pre-sales, managed services) for a high-tech software or technology vendor
• Proven track record leading enterprise consulting or professional services engagements
• Excellent communication and stakeholder management skills, capable of influencing at all levels and gaining a ‘Trusted Advisor’ status with key stakeholders
• Excellent troubleshooting and problem-solving skills with an innate ability to methodically get to the root of issues
• Exposure to unique threat landscape for AI and LLMs including AI specific threat models and risks (e.g., prompt injection, data poisoning/leakage/exfiltration, model inversion/manipulations/poisoning, and other adversarial attacks)
• Proficient in RESTful API design and security (OAuth2, JWT, API Gateway, secure key management)
• Exposure to implementation of API gateways (e.g., Zuul, Apigee, Kong, Amazon API Gateway, Azure API Gateway) and AI application specific gateways (e.g., LiteLLM, Portkey, Helicone, TrueFoundry)
• Understanding of secure prompt engineering and policy enforcement for AI tools
• Experience with AI agents, tool-calling frameworks, and orchestration
• Familiarity with data protection regulations and AI Security frameworks (e.g., GDPR, NIST AI RMF, ISO/IEC 27001, ISO/IEC 42001, OWASP Top 10 for LLMs, MITRE ATLAS) is a plus.
• Knowledge of and experience in deploying IT infrastructure services in an enterprise environment in a secure manner following industry best practices and standard security/compliance risk frameworks (e.g., SOC 2, HIPPA, FedRAMP, PCI-DSS, NIST, ISO, COBIT, HITRUST, GDPR).
• Very well organized and work effectively in an agile and fast-paced environment
• Solid command of the English language (written and spoken) with additional language skills is a plus.
• Comfortable working within a geographically distributed and diverse team for a hypergrowth global organization.
• Ability to travel up to 25% of the time for customer on-site meetings and various company meetings

Nice To Haves

• Understanding of AI system architectures, data pipelines, and MLOps
• Experience implementing AI-specific application security controls (e.g, guardrails, filters, model observability) and LLM vulnerabilities testing (e.g., AI red teaming)
• Experience designing access control and data classification for AI workflows
• Hands-on experience with public cloud AI/ML application frameworks (e.g., AWS SageMaker, AWS Bedrock, Azure AI Foundry, Google Vertex AI, or Databricks)
• Hands-on experience with AI/ML frameworks (e.g., PyTorch, TensorFlow, LangChain, LlamaIndex, Hugging Face)
• Hands-on experience with cloud-native security tooling (GuardDuty, Azure Defender, GCP Security Command Center)
• Experience with containerization and orchestration (Docker, Kubernetes, Helm, CI/CD pipelines)
• Understanding of AI model lifecycle management (e.g., training, fine-tuning, deployment, evaluation)
• Knowledge of RAG architectures and vector databases (e.g., Pinecone, FAISS, Weaviate, Chroma)
• Understanding of cloud security (AWS, Azure, GCP) and secure integration of SaaS platforms
• Proficiency with Infrastructure-as-Code and automation (e.g., Terraform, CloudFormation, Python) and DevSecOps practices
• Industry accredited security certifications (e.g., CISSP, CCSK, CISM) and AI security–specific credentials
• Coding experience in Go, TypeScript, or Java
• Knowledge of broader Security Access Service Edge (SASE) product landscape and features (e.g., SD-WAN, next-generation firewall, cloud access security broker, and data loss prevention)

Responsibilities

• Maintain expert-level implementation proficiency of the Cato AI security solution while keeping abreast of the dynamic AI security and enterprise IT infrastructure landscape
• Develop meaningful relationships with key customer stakeholders and their partners, adopting a consultative and prescriptive approach that inspires trust and confidence
• Lead end-to-end customer engagements implementing Cato AI security solution for AI risk management, model security, and data protection so that our customers can realize the total value of their investment in our technology
• Provide technical leadership in deploying and configuring Cato AI Security solution to secure data flows, API calls, and model interactions
• Work with customer teams to design secure AI architectures and establish governance frameworks aligned to standards such as NIST AI RMF, ISO/IEC 42001, and EU AI Act guidance
• Translate technical findings into actionable recommendations for both executive and technical audiences
• Serve as a subject matter expert on AI and LLM security across Cato’s customer base
• Contribute to development of internal knowledge sharing, solution playbooks, and enablement materials for partners and customers
• Foster collaboration with our product management, support and engineering teams by providing feedback from the field on features and functionality, influencing roadmap priorities based on customer needs and emerging threats
• Support pre-sales and scoping discussions for new professional services engagements
• Identify opportunities to expand customer value through additional AI security services and capabilities
• Collaboration with greater professional services team to help synthesize experiences and trends observed in the field into repeatable technical best practices in collaboration with other Cato functions
• Able to operate day-to-day with minimal oversite and function as a point of technical escalation for other projects to provide guidance on and ensure timely resolution of any issues