Razor is seeking a Security Engineer with expertise in Information Assurance and DevSecOps to support the development and security of a multi-tenant AI/MLOps platform. The role involves ensuring compliance with federal cybersecurity standards while addressing security risks related to AI/ML workloads and collaborating with various engineering teams.
Responsibilities:
- Perform security assessments and execute Risk Management Framework (RMF) processes for a highly multi-tenant AI/MLOps platform, ensuring the system achieves and maintains Authorization to Operate (ATO)
- Identify risks associated with AI/ML models, data pipelines, and training workflows; recommend secure configurations and policies
- Partner with DevOps and MLOps engineers to embed DevSecOps practices throughout the AI/ML lifecycle, including secure CI/CD pipelines for model training, deployment, and monitoring
- Define and validate security measures for AI/ML model governance, including protections against poisoning, ensuring data privacy, and managing tenant isolation
- Secure multi-tenant cloud environments by implementing workload segmentation, least privilege, and effective identity and access management (IAM) for tenants
- Use tools such as Prisma Cloud and Twistlock to secure containerized workloads, and collaborate with development teams to remediate vulnerabilities in AI models, libraries, and frameworks
- Monitor and test platform security using vulnerability scanners, network monitors, and compliance methods aligned with NIST 800-53 and federal requirements
- Utilize SNOW CAM to document security artifacts, maintain compliance evidence, and report progress to stakeholders
- Collaborate with data scientists, MLOps engineers, and platform teams to ensure security while balancing usability and performance
Requirements:
- Bachelor's degree in engineering or a related scientific or technical discipline is required
- 12+ years of total IT and DevSecOps experience
- 3+ years of cybersecurity experience performing A&A processes and applying NIST RMF requirements to cloud-native environments
- 3+ years of experience securing or working with multi-tenant systems, preferably AI/ML platforms or data-intensive applications
- Experience with containerized environments (Kubernetes, Docker) and AI/ML frameworks (TensorFlow, PyTorch, MLflow)
- Familiarity with AI/ML security challenges including data provenance, adversarial attacks, and secure model deployment
- Knowledge of tenant isolation techniques including network segmentation, user/group roles, and identity federation
- Hands-on experience implementing DevSecOps pipelines using IaC tools (Terraform, Ansible) and scripting languages (Python, Bash)
- Working knowledge of AWS GovCloud, Azure Government, or other compliance-focused cloud regions
- Expertise in using vulnerability scanning and remediation tools such as Nessus, OWASP ZAP, or cloud-based security platforms
- Experience with compliance standards including NIST SP 800-53, 800-37, ISO/IEC 27001, or comparable frameworks
- Familiarity with AI ethics, data privacy laws, and their intersection with security in federal contracts
- Experience configuring secure model training and inference workflows, addressing data leakage, model drift, and adversarial ML threats
- Knowledge of trusted AI principles, model poisoning mitigations, and techniques to prevent data reconstruction attacks
- Hands-on knowledge of encryption methods for AI/ML data at rest and in transit, including data lake security and homomorphic encryption
- Familiarity with federated learning and securing decentralized AI models
- Exposure to Elasticsearch or high-performance database security