Responsibilities
Operate Continuous Security Validation, running AWS Security Agent (cloud infra, AI-specific and model supply-chain) on every significant deployment, mapped to a 2LoD-approved threat coverage matrix. Own the 7-day threat-intel SLA, ingesting MITRE ATLAS and OWASP LLM feeds via Jira automation and operationalising new attack techniques into test suites within 7 days. Aggregate, deduplicate, and SLA-manage all findings via Defect Dojo Attestation, enforcing severity-based MTTR remediation gates before re-deployment approval and feeding the Power BI dashboard (Open Findings, MTTR, Pipeline Gate Pass Rate, Prompt Injection Block Rate).
Stack
Hands-on with autonomous pentest tooling such as AWS Security Agent, Horizon3 or equivalent; AI red-teaming tools like Garak, PyRIT, Claude Security, Opus 4 x, Codex; and OWASP LLM Top 10, MITRE ATLAS test design. Clear understanding of the 1LoD-2LoD boundary: running control validation (blue team) against 2LoD-approved threat scenarios while leaving independent unknown-scenario red-teaming to 2LoD.
- OSCP or OSCE (mandatory)
- GIAC GPEN or GXPN
- GIAC GMLE (Machine Learning Engineer) or equivalent AI-security credential
- Anthropic Cyber Verification Program enrolment (for offensive use of Opus 4 x)
- CREST CCT desirable for regulated-bank context