Security Engineer AI

About The Position

Requirements

• 4-6 years of experience in security engineering, cloud security, or infrastructure security.
• 3-4 years hands‑on experience with cloud platforms such as AWS, Azure and Office 365.
• Experience integrating security monitoring with observability data to detect misuse, data exfiltration, prompt injection, and adversarial AI behaviors.
• Working knowledge of identity and access management concepts and controls.
• Familiarity with AI enabled tools, platforms and their associated security considerations.
• Experience with Microsoft security tooling (e.g., Entra ID, Purview).
• Experience with Microsoft Copilot or other enterprise AI tools.

Nice To Haves

• Experience with data protection, DLP, and information classification.
• Experience securing enterprise AI platforms (e.g., Microsoft Copilot, ChatGPT Enterprise, Claude, and internal LLMs).
• Experience in AI risk management initiatives that provide observability data to ensure compliance and safe usage of AI systems.
• Familiarity with AI related risk frameworks (e.g., OWASP Top 10 for LLMs, NIST AI Risk Management Framework).

Responsibilities

• Treat people around you with Kindness and Compassion, build trust by demonstrating authenticity and following through on your commitments, prioritize your well-being like you do our mission, and work to build strong relationships with your colleagues by participating in communication loops to share and receive honest feedback.
• You are responsible and accountable for the culture you add to your team dynamic.
• Implement and maintain security controls for enterprise AI tools, including Microsoft Copilot and other AI-enabled SaaS platforms.
• Support the secure onboarding, configuration, and monitoring of AI features and other enterprise SaaS platforms.
• Enforce data access boundaries and usage restrictions for AI tools based on data classification and identity.
• Assist in reviewing custom AI use cases and integrations for security risks, including data exposure through prompts or outputs, improper access to sensitive information, and misuse of AI-driven automation.
• Design, review, and enforce security controls for enterprise AI platforms, including productivity copilots, internal large language models (LLMs), and third-party AI services.
• Partner with security engineering and cloud teams to secure AI infrastructure.
• Participate in architecture and security design reviews for AI-enabled systems prior to production deployment, ensuring appropriate guardrails for data exposure.
• Support secure configuration for AI agent usage and implement monitoring and audit logging for AI interactions and tool usage.
• Design and implement security controls for AI systems leveraging the Model Context Protocol (MCP).
• Enforce least-privilege access for AI agents interacting with tools, APIs, and data sources.
• Secure AI data flows, including retrieval-augmented generation (RAG) pipelines.
• Expand logging and monitoring for AI platforms, cloud environments, and SaaS activity.
• Participate in incident response efforts by investigating security alerts and supporting response to incidents involving cloud, SaaS, and AI tools.
• Assist in developing and maintaining runbooks and response procedures for platform-related incidents.
• Partner with engineering teams to embed security into AI platform architectures.
• Support and assist with security reviews of cloud-hosted applications and services and overall application security.
• Support identity and access management controls across Cloud platforms, SaaS applications, AI tools and integrations.
• Implement and maintain, Role based access controls (RBAC), Least privilege access models, Conditional access and MFA policies.
• Assist with access reviews and security remediation efforts.
• Contribute to the development and maintenance of security standards and technical guidelines.
• Providing security input to IT, Cloud, and Application teams during solution design and implementation.
• Document configurations, processes, and operational procedures related to security controls.
• Provide practical, security focused guidance to engineering, IT, and business teams on safe AI usage.

Benefits

• great benefits!