AI Security Architect, Contract

About The Position

Requirements

• Bachelor's degree in Computer Science, Cybersecurity, Information Systems, or related field; Master's degree preferred
• 8+ years of experience in information security with at least 3 years in security architecture roles
• Demonstrated experience designing security controls for AI/ML systems, including LLMs, generative AI platforms, or machine learning pipelines
• Deep understanding of AI security risks including prompt injection, model inversion, data poisoning, adversarial attacks, and privacy concerns in machine learning
• Strong knowledge of enterprise security frameworks and standards such as NIST CSF, ISO 27001, SOC 2, and data protection regulations including GDPR, CCPA
• Experience with cloud security architectures, particularly in AWS, Azure, or GCP environments where AI/ML workloads are deployed
• Familiarity with AI development tools and platforms such as OpenAI API, Azure AI Services, AWS SageMaker, or Google Vertex AI
• Excellent written and verbal communication skills with ability to translate technical security concepts to business stakeholders and executive leadership
• Relevant security certifications such as CISSP, CCSP, CISM, or specialized AI security certifications

Nice To Haves

• Experience in the insurance or financial services industry with understanding of regulatory requirements
• Hands-on experience with AI security tools such as AI firewalls, model monitoring solutions, or DLP platforms with AI capabilities
• Background in machine learning or data science with understanding of model training, evaluation, and deployment processes
• Knowledge of responsible AI principles, AI ethics frameworks, and fairness testing methodologies
• Experience building security awareness programs and training materials for technical and non-technical audiences
• Active participation in AI security communities, research contributions, or speaking engagements on AI security topics

Responsibilities

• Design and implement comprehensive AI security architecture, including governance frameworks, data protection controls, model security standards, and usage policies for enterprise AI systems
• Collaborate with the AI business deployment team to establish security requirements and controls for AI applications, ensuring alignment between business objectives and security standards
• Develop and enforce AI usage policies and security guardrails for employees, including guidelines for acceptable use of generative AI tools, prompt engineering security, and data sharing restrictions
• Establish security standards and best practices for AI/ML development teams, covering model training security, data pipeline protection, API security, and secure model deployment
• Conduct AI-specific threat modeling and risk assessments, identifying vulnerabilities such as prompt injection, data poisoning, model theft, adversarial attacks, and privacy leakage
• Define data classification and handling requirements for AI systems, ensuring sensitive customer information and personally identifiable information are appropriately protected in training datasets and model outputs
• Evaluate and recommend AI security tools and technologies, including data loss prevention for AI interactions, AI gateway solutions, model monitoring platforms, and security testing frameworks
• Partner with compliance and legal teams to ensure AI implementations meet regulatory requirements including insurance industry regulations, data privacy laws, and emerging AI-specific legislation
• Create security awareness training programs focused on AI risks, responsible AI usage, and secure development practices for different user personas across the organization
• Develop incident response procedures specific to AI security events, including model compromise, data leakage, and unauthorized AI tool usage
• Monitor the evolving AI security landscape and provide strategic guidance on emerging threats, vulnerabilities, and security best practices
• Establish metrics and reporting frameworks to measure AI security posture and communicate risk to executive leadership