AI Defense Engineer
Listed on 2026-06-18
-
IT/Tech
Cybersecurity, AI Engineer (Applied/Software), Systems Engineer
AI Defense Engineer
Job Type: Direct Hire
Location:
Boston/Washington DC
Work Authorization:
Must be eligible to work in the US; no sponsorship provided.
About the Role
The Senior AI Defense Engineer is a technical leader responsible for securing AI in a global law firm environment. The role sets technical direction, drives delivery, and mentors colleagues to raise awareness and capabilities. It translates emerging AI threats into practical defenses, guardrails, policy enforcement layers, monitoring and detections, adversarial test automation, and hardened environments to withstand real attacker pressure.
The role supports a smart‑integration, buy‑before‑build security strategy, evaluating, selecting, and operationalizing commercial AI security solutions that meet stringent legal‑sector expectations—including matter confidentiality, ethical walls, client audit requirements, data residency constraints, and contractual IT service obligations.
Success looks like: enhancing and performing commercial AI tool evaluations and approvals, assessing internally developed AI solutions, and responding to audit demands with credible evidence of AI cybersecurity protections. It also includes secure‑by‑default adoption by engineering teams, adversarial assessments that reliably find issues before production, telemetry and detections that catch abuse early, and an AI security roadmap that stays current with fast‑moving technology shifts.
You Will Be Doing
- Threat Modeling & Risk Assessment – Guide and conduct technical threat modeling for AI/ML systems, identify AI‑specific threats, and provide prioritized mitigation guidance via vendor configuration standards, reference patterns, and exception processes.
- AI Defense Engineering – Evaluate and operationalize security controls, guardrails, and enforcement mechanisms for AI services, enable detections and monitoring for AI‑specific attack patterns, and secure integration and operational use of enterprise AI services.
- Adversarial Testing & Red Teaming – Identify and utilize adversarial test suites for AI applications, simulate realistic attacker behavior, capture and track issues as actionable vulnerabilities, and partner with product teams to validate fixes.
- Tooling & Automation – Incorporate AI capabilities into existing and future security stacks (SIEM, SOAR, EDR, WAF, API gateways, identity platforms).
- Incident Response & Forensics for AI Systems – Lead technical response for AI‑related incidents, analyze logs and model behavior, reconstruct attack paths, and improve playbooks and post‑incident reviews.
- Collaboration – Serve as the AI security technical lead with engineering, product, infrastructure, and security leadership; communicate tradeoffs, align stakeholders, and unblock delivery.
- Roadmap Leadership – Own the technical strategy and roadmap for AI security engineering; translate threat intelligence and risk assessments into prioritized engineering work, milestones, and measurable outcomes.
- Contribute to the Firm’s Service Matters initiative by consistently improving the firm’s image internally and externally with professionalism and a can‑do attitude.
- Practical understanding of ML/AI pipelines: data collection, feature engineering, training, evaluation, deployment, monitoring.
- Strong understanding of how enterprise AI services (SaaS/PaaS) are deployed and governed, including data handling, routing, and isolation controls.
- Experience with at least one major cloud platform (AWS, Azure, or GCP) and modern infrastructure (containers, Kubernetes, secrets management, CI/CD).
- Experience integrating Microsoft AI security and governance capabilities, including Azure OpenAI / Model Catalog, Azure API Management, Microsoft Entra , and related Azure‑native AI security controls and gateways.
- Familiarity with AI attack patterns and defenses such as prompt injection, jailbreaks, data/model poisoning, model inversion, membership inference, automation bias, and unsafe autonomy in agents.
- Solid security fundamentals: authentication/authorization, network security, data protection, logging/telemetry, secure software engineering practices, vulnerability…
(If this job is in fact in your jurisdiction, then you may be using a Proxy or VPN to access this site, and to progress further, you should change your connectivity to another mobile device or PC).