TradeStation is an online brokerage firm focused on delivering an exceptional trading experience. They are seeking a Senior AI Security Engineer to drive AI strategy within the Information Security department, leveraging AI technologies for security enhancements while protecting sensitive data and infrastructure.
Responsibilities:
- Driving AI strategy within the Information Security department with a focus on leveraging AI technologies to augment or replace existing security technologies designed to protect TradeStation and its customers
- Enabling TradeStation to rapidly adopt and leverage AI technologies across the enterprise while protecting sensitive data, TradeStation’s infrastructures, and our customers
- Understanding existing and emerging AI-based security threats and recommending/designing appropriate countermeasures at all levels including networking, application, and others
- Serving as a subject matter expert on AI technologies, including LLMs, MCPs, and development tools and workflows used across the TradeStation enterprise; recommending/implementing appropriate security controls; and advising stakeholders across the organization on security-related AI matters
- Identify current security controls, processes, and technologies that may be improved through migration to AI-based tooling
- Recommend appropriate changes and lead initiatives for measurable improvement
- Educate, mentor, and advise other members of the Security team on the implementation, management, and use of new security AI tooling
- Design, test, and implement strategies to address malicious activity that leverages AI for complex and time-sensitive attack methods
- Build AI-assisted SOC / detection enablement, applying AI technologies to security operations
- Develop and deliver security metrics and trend data to assist the organization’s understanding of overall AI security risk
- Serve as a trusted advisor to multiple stakeholders, both technical and nontechnical, across the company in protecting information as we rapidly adopt new AI technologies
- Identify risks associated with internal AI usage and recommend appropriate controls
- Perform risk assessments on proposed AI initiatives and technologies
- Provide expertise to product and development leadership on AI security aspects of customer-facing AI technologies
- Evaluate AI tools, APIs, and vendors for security posture before adoption (e.g., data retention policies, model access controls, terms of service risk)
- Monitor the evolving AI threat landscape (prompt injection, jailbreaking, model poisoning, adversarial inputs) and translate findings into actionable guidance for the team
- Enforce controls to prevent sensitive/regulated data (PII, PCI, trading data) from being inadvertently exposed through AI prompts or tools
- Draft and maintain AI-specific security policies and acceptable use standards (this is distinct from general GRC work and fits the role well)
- Maintain awareness of what AI tools are in use across the enterprise, including unsanctioned/shadow AI, and develop a process to manage it
Requirements:
- Bachelor's degree in Information Technology, Computer Science, Information Security, or related field; OR equivalent combination of relevant education, training, and experience
- Minimum 7 years professional experience in information security in hands-on roles such as security engineering and/or application security
- Must be located within the US states of Florida, Texas, Illinois, New York, New Jersey, Colorado, Idaho, Massachusetts, Michigan, Minnesota, Missouri, North Carolina, South Carolina, Utah, or Virginia
- Must be able to work core US Eastern Time hours as well as other times as needed
- Ability to travel to company offices, including international offices, or other locations occasionally as needed for meetings, training, to perform work tasks, etc.
- A strong information security knowledge foundation including security principles, frameworks, risk mitigation, etc.
- Strong understanding of artificial intelligence concepts, technologies, and methods including, but not limited to: large language models (LLMs) such as Claude, ChatGPT, and others; AI-based development tools such as Copilot and others; Model Context Protocol (MCP); and their application to information security programs, as well as AI risk mitigation
- Familiarity with OWASP Top 10 for LLMs / MITRE ATLAS
- Familiarity with API security, specifically around MCP and LLM integration
- Hands-on prompt engineering / security testing experience with knowledge of how attacks against AI technologies work, both in theory and in practice
- Experience leveraging AI technologies to improve efficiency, reduce risk, and enhance security operations
- Operational excellence: Strong project management mindset with exceptional organizational skills and attention to detail
- Autonomy and judgment: Ability to work independently, make sound decisions, and know when to escalate or seek guidance
- Follow-through: Proven track record of driving initiatives to completion and following up with stakeholders on assigned tasks
- Communication skills: Excellent written and verbal communication skills, including the ability to facilitate meetings, document complex topics clearly, and interact professionally with all organizational levels
- AI proficiency: Demonstrated ability to leverage AI tools to enhance work quality, accelerate tasks, and solve problems creatively
- Risk assessment & documentation: Ability to support or conduct security risk assessments, document risk details clearly, and track remediation activities to closure
- Incident response familiarity: Understanding of incident response processes, documentation requirements, and the coordination needed to support response and post-incident activities
- Collaboration: Ability to work effectively across IT, Compliance, ERM, and business units to achieve shared objectives
- Adaptability: Comfortable operating in dynamic environments where priorities shift and requirements evolve
- Problem Solving: Practical problem-solving approach that balances process with pragmatism
- Strong proficiency with Microsoft Office, collaboration tools (Jira, Confluence, SharePoint), and project management practices
- Must have a passion for information security and AI, a strong desire to learn and apply new knowledge
- Working knowledge of cloud security in AWS and Azure environments
- Experience in financial services, fintech, or other highly regulated industries
- Familiarity with Agile, SDLC, and CI/CD concepts
- Knowledge of incident response frameworks and processes
- Demonstrated progression toward a security career path and willingness to pursue relevant certifications
- One or more industry-recognized security certifications: CISSP, CISM, CISA, CRISC, Security+, CASP+, CySA+, GAISE or other GIAC certifications