Position Summary
The Senior Security Engineer—AI Infrastructure is a systems-level role integrating security engineering, identity management, and infrastructure hardening across AI and agentic platforms.
Essential Functions
- Serve as SME for designing, maintaining, and implementing security architectures for AI infrastructure (model hosting, model registries, feature stores, vector databases, agent orchestration).
- Engineer IAM for AI systems, including RBAC/ABAC, secrets management, and key/token lifecycle management.
- Define and implement guardrails and isolation strategies for agentic workflows (sandboxing, least-privilege tool access, network segmentation, blast-radius reduction).
- Build logging/observability pipelines for prompts, tool calls, model outputs, agent actions, and data access paths into detection/incident response.
- Conduct risk assessments and threat modeling for AI platforms and integrations, including supply chain risks.
- Embed AI security controls into CI/CD and infrastructure-as-code (secure deployment patterns, policy-as-code, pre-production security checks).
- Lead/participate in AI incident response and forensics (model misuse, compromised agents, suspicious data flows).
- Ensure alignment of security controls with business/regulatory requirements; deliver audit-ready controls/evidence.
- Maintain security documentation (ADRs, threat models, runbooks, SOPs).
- Mentor and oversee engineers; perform ad-hoc cross-functional projects.
Education & Experience
- Bachelor’s degree + 7+ years relevant experience (required).
- 5+ years security/cloud/platform security (required).
- 3+ years container orchestration/modern infrastructure security hardening (required).
- Experience securing AI/ML/LLM systems (preferred).
- Regulated environment experience (preferred).
Knowledge, Skills & Abilities
- Proficiency applying NIST CSF/RMF/AI RMF, ISO 27001, SOC 2 Type 2.
- IAM, secrets management, service-to-service security.
- Audit-ready technical writing; security tooling/automation.
- Data protection (DLP, encryption, masking, access monitoring).
- Familiarity with agentic AI security risks (plus).
- Leadership to influence security design and risk tradeoffs.
Working Environment
- On-site or remote based on location; Monday–Friday business hours; flexibility with approval; mobility and ability to lift up to 30 lbs.