Key skills
Cyber SecurityPythonAIArtificial IntelligenceMachine LearningMLLLMRAGMLOpsCI/CDOWASP
About this role
Role Overview
- Consult and review secure architectures for our AI systems – from in-house models to third‑party LLMs (incl. RAG, vector databases, APIs, and integrations into our products and internal tools)
- Conduct AI-specific threat modeling and security reviews across the ML lifecycle (data → training → deployment → monitoring)
- Perform security testing / red-teaming of LLM and ML systems (e.g. prompt injection tests, jailbreaks, exfiltration and data-leakage tests)
- Work closely with data scientists, Machine Learning engineers, platform engineers and Compliance & IT Security to define and implement concrete controls in pipelines, infrastructure and applications
- Own and support AI risk assessments, and help write/review policies, standards and governance documentation for AI use
- Translate EU AI Act, financial-services regulation and relevant standards into practical technical and process controls
- Help define monitoring, logging and incident response for AI/LLM systems, including misuse and data-leak detection
- Collaborate with Legal, Compliance and Procurement on AI vendor selection, risk assessments and contract reviews
Requirements
- Demonstrable experience in Artificial Intelligence/Machine Learning security in a production context – not just general cybersecurity
- Practical knowledge of LLM-specific risks, such as: prompt injection and jailbreaks, data leakage and sensitive information exposure, model inversion, membership inference, supply chain risks in AI tooling and models
- Solid understanding of the ML lifecycle and typical MLOps setups (data pipelines, training, evaluation, deployment, CI/CD, monitoring) and where to place security controls
- Experience designing or reviewing secure architectures for AI/LLM systems, including: API security and authentication/authorization, secrets management (API keys, tokens, credentials), isolation of tenants/contexts and access control for data sources & vector stores, protection of sensitive data in prompts, logs and training data
- Experience working side-by-side with data scientists or ML engineers – you have credibility in technical rooms and can challenge design decisions constructively
- Ability to read Python code and basic ML pipelines and to build small scripts/tools (e.g. for automated tests, log analysis, or prototype guardrails)
- Background in risk assessment and in writing or reviewing policy and governance documentation
- Familiarity with relevant AI standards and frameworks, such as: ISO 42001, OWASP LLM Top 10, NIST AI RMF, OECD AI Principles
- Understanding of EU AI Act obligations and how they apply to a fintech / financial services context, with the ability to map them to concrete controls
- Strong grasp of data protection and privacy-by-design in AI (data minimisation, pseudonymisation/anonymisation, retention and deletion of training and log data)
Tech Stack
- Cyber Security
- Python
Benefits
- Thriving, financially stable company
- Strong experienced international team to support and mentor you along the way, smooth onboarding process
- International team of 30+ nationalities with professionals and experts
- Flat hierarchy, transparent and appreciative feedback culture, monthly all hands meetings, annual feedback and evaluation cycle, regular 1-on-1s with your lead
- Well-structured onboarding process as well as supportive and welcoming colleagues
- Personal learning & development budget as well as German and English language courses
- Good salary for your strong performance
- Unlimited employment contract, flexible working hours and 28 vacation days for your work-life balance
- Company pension plan, partly covered Deutschlandticket (public transport) and access to “Corporate Benefits” voucher platform to ensure your full well-being
- Fun company summer and Christmas parties as well as regular team events