AI Incident Response Engineer

AI Incident Response Specialist

Role Overview:

The AI Incident Response Specialist will lead investigations and remediation of AI-related security incidents, including model poisoning, adversarial attacks, and generative AI misuse. This role ensures rapid containment and recovery while maintaining compliance and governance standards.

• Respond to AI-specific incidents such as model theft, data poisoning, and unauthorized AI deployments.
• Analyze AI telemetry and logs to confirm incidents and assess impact.
• Coordinate containment actions, including deactivating model endpoints and revoking API keys.
• Oversee eradication steps such as removing poisoned data and retraining models.
• Document lessons learned and update AI risk mitigation procedures.
• Collaborate with Data Scientists, AI Governance Officers, and security engineers during recovery.

• Proven experience in cybersecurity incident response.
• Deep understanding of AI/ML systems, pipelines, and associated risks.
• Familiarity with adversarial input detection and model integrity validation.
• Ability to work under pressure and manage high‑severity incidents.

• Experience with AI governance frameworks and compliance requirements.
• Knowledge of generative AI risks and mitigation strategies.

Role Overview:

The AI Detection Engineering Specialist will design and implement detection strategies specifically for AI systems and pipelines. This role focuses on identifying critical telemetry for AI models and services, ensuring proper logging, and building detection rules that initiate automated incident response workflows for AI‑related threats.

• Identify and define essential log sources for AI environments, including model training pipelines, inference endpoints, API calls, and data ingestion points.
• Establish logging standards for AI‑specific events (e.g., model updates, API token usage, prompt injection attempts, adversarial input patterns).
• Develop and tune detection rules to identify anomalies such as model drift, unauthorized access, or suspicious API activity.
• Integrate detection logic with SOAR platforms to trigger automated incident response workflows for AI incidents.
• Collaborate with AI engineering, data science, and security teams to validate detection coverage and response playbooks.
• Continuously assess AI threat landscape and update detection logic based on emerging attack techniques (e.g., model poisoning, prompt injection, data exfiltration).

• Strong understanding of AI/ML systems, pipelines, and associated security risks.
• Experience with logging and telemetry for AI services (e.g., Azure ML, AWS Sage Maker, custom ML pipelines).
• Hands‑on experience with SIEM/SOAR platforms and detection engineering.
• Familiarity with adversarial AI techniques and detection strategies.
• Proficiency in scripting (Python) for rule development and automation.

• Knowledge of AI governance frameworks and compliance requirements.
• Experience with monitoring and securing generative AI models and APIs.

Seniority Level: Mid‑Senior level

Employment Type:

Contract

Job Function: IT Services and IT Consulting