Lead AI Security Engineer

Description

We are seeking an experienced AI Security Engineer to lead the design, implementation, and operationalization of security controls for our LLM‑powered applications, AI platforms, and model‑hosting infrastructure. This role will focus on protecting AI systems from prompt injection, sensitive data leakage, insecure tool use, model abuse, and cloud/infrastructure threats while establishing secure engineering patterns for the next generation of AI‑enabled products.

It sits at the intersection of Application Security, Cloud Security, and AI Platform Engineering.

The ideal candidate combines offensive and defensive security expertise with strong experience in secure system design, cloud infrastructure, CI/CD, containers, and modern software delivery pipelines. You will help define and execute new AI security initiatives across the enterprise, especially in a regulated financial services environment where confidentiality, resilience, governance, and auditability are critical. Sector‑specific AI governance and risk management expectations are increasingly being formalized through frameworks such as the NIST AI RMF.

• Lead security initiatives for LLM‑powered applications, copilots, agentic systems, and AI‑assisted workflows.
• Design and implement controls to reduce the risks of prompt injection, sensitive information disclosure, data leakage, improper output handling, excessive agent autonomy, model and AI supply chain risk, and vector/embedding and retrieval‑related weaknesses.
• Partner with engineering teams to embed secure‑by‑design patterns into AI application development, deployment, and operations.
• Create guardrails for AI systems that process customers, employees, and regulated financial data.
• Architect and implement AI gateway controls that centralize security policy enforcement for model traffic, including prompt inspection, response filtering, PII/secret redaction, model access control, rate limiting, abuse prevention, audit logging, and evidence generation.
• Define runtime security policies for AI interactions across internal applications, APIs, tools, and model providers.
• Build detection and response capabilities for malicious prompts, unsafe model behavior, and data exfiltration attempts.
• Secure systems built on the Model Context Protocol (MCP) and related AI tool‑integration patterns.
• Define security requirements for MCP servers, proxy servers, and tool connectors, including authentication and authorization, least privilege, schema/input validation, secrets management, network isolation, sandboxing, logging and auditability, and third‑party server risk review.
• Assess and mitigate risks associated with MCP architecture, including authorization flaws, confused‑deputy scenarios, and unsafe execution paths.
• Partner with Cloud Security, Platform Engineering, and Dev Ops to implement hardening, segmentation, identity controls, observability, and incident response readiness.
• Work closely with Security, Engineering, Legal, Compliance, Risk, and Product teams to align AI security controls with regulatory and internal risk expectations.
• Help define AI security standards, reference architectures, guardrails, and review processes appropriate for a financial industry environment.

• 5+ years of experience in cybersecurity with a strong mix of offensive and defensive security tactics.
• Deep familiarity with the OWASP Top 10 for LLM applications.
• Hands‑on experience with Docker, Kubernetes, and Cloud Security (AWS/Azure/GCP).
• Experience designing and securing AI gateways, API proxies, or centralized policy enforcement layers for AI workloads.
• Working knowledge of MCP server security and secure tool‑integration patterns, including identity, authorization, validation, proxy risks, and logging.
• Strong communication skills with the ability to work across Application Security, Cloud Infrastructure, Platform Engineering, and Product Engineering teams.
• Familiarity with AI red‑teaming methodologies and adversarial testing for LLM applications.
• Ability to translate complex AI risks into actionable technical requirements for developers and executive stakeholders.
• Familiarity with regulatory frameworks (e.g., NIST AI RMF, ISO/IEC 42001).

Credit One Bank, N.A. is an equal opportunity employer committed to diversity and inclusion, and does not discriminate against any employee or applicant for employment because of age, race, religion, color, disability, sex, sexual orientation, or national origin. Reasonable accommodations can be made for those who require them, including access to job applications and workplace accommodations.