Tech Stack

Description

You will drive platform security initiatives with a primary focus on securing AI/ML systems and models, partnering with engineering, product, and data science teams to ensure robust security for AI-powered features and infrastructure while maintaining traditional AppSec coverage.

Requirements

• 5+ years in information security, with significant experience in application security and AI/ML security.
• Hands-on experience securing AI/ML models, pipelines, and data within the AI/ML SDLC.
• Familiarity with common AI/ML security threats (adversarial attacks, model inversion, data poisoning).
• Experience with security tools for AI/ML (e.g., Adversarial Robustness Toolbox, MLFlow security plugins).
• Development or scripting experience (Python preferred; experience with AI/ML frameworks a plus).
• Excellent communication skills.

Responsibilities

• Lead the design and implementation of security controls for AI/ML models, pipelines, and data flows.
• Ensure coverage of AI/ML and application vulnerabilities using SAST, DAST, dependency scanning, and specialized AI security tools.
• Conduct comprehensive threat modeling and AI/ML red teaming exercises, including prompt injection, jailbreaking, adversarial attack simulations, and vulnerability assessments for AI systems.
• Assess risks such as adversarial attacks, model theft, data poisoning, privacy risks, and other emerging threats to AI/ML models and pipelines.
• Build and maintain automation pipelines for AI/ML security testing and monitoring.
• Partner with Engineering, Product, and Data Science to embed security into AI/ML development lifecycles.
• Support detection, triage, and remediation of AI/ML-specific security incidents.
• Facilitate secure development training focused on AI/ML risks and best practices.
• Track and report status of vulnerabilities, including AI/ML-specific metrics (e.g., model robustness, data integrity).
• Design and execute quarterly OKRs for AI/ML security initiatives.