AI Security Engineer - Mid-Atlantic region (Remote in VA, MD, PA, NC, DE, NJ, or DC)

GuidePoint Security is a trusted provider of cybersecurity expertise and solutions. They are seeking an AI Security Engineer to assist customers in designing and implementing generative AI security solutions while collaborating with various teams to ensure secure integration and management of AI systems.

Responsibilities:

• Advise on and assess the security posture of AI/ML systems, including LLMs, GenAI pipelines, and model serving infrastructure — identifying vulnerabilities, attack surfaces, and gaps against industry frameworks (e.g., OWASP LLM Top 10, MITRE ATLAS)
• Lead threat modeling exercises specific to AI workloads, covering adversarial inputs, prompt injection, model inversion, data poisoning, and supply chain risks across SaaS, self-hosted, and local AI deployments
• Advise internal teams on securely integrating SaaS AI services and APIs (e.g., OpenAI, Azure OpenAI, Bedrock) into enterprise applications, including safe handling of credentials, outputs, and user data
• Evaluate and recommend controls for data ingestion pipelines, RAG architectures, and vector databases to prevent unauthorized data exposure, leakage through model outputs, or non-compliant data processing
• Serve as a trusted security advisor bridging business stakeholders, AI/ML engineers, IT operations, and information security teams on all matters related to AI risk and security
• Continuously track emerging AI security research, adversarial techniques, regulatory developments, and vendor security advisories to keep client guidance relevant and proactive
• Produce and maintain security architecture documentation, risk assessments, control frameworks, and guidelines tailored to the organization's AI environment
• Contribute to the development of a long-term AI security strategy, including prioritized remediation roadmaps, capability maturity assessments, and investment recommendations
• Develop and deliver training and awareness content for technical and non-technical stakeholders on AI-specific risks, responsible AI usage, and secure development practices for AI-powered applications

Requirements:

• 5+ years of experience in security engineering with a significant focus on cloud security and/or AppSec
• Hands-on experience implementing, managing, securing, and supporting Agentic AI solutions within an enterprise context
• Familiarity with major cloud service provider AI-focused services such as AWS Bedrock, AWS SageMaker, Azure AI Foundry, or Google Vertex
• Proficiency in at least one relevant programming language, preferably Python
• Solid understanding of generative AI concepts, Large Language Models (LLMs), context engineering, agentic tool usage, and foundational AI/ML principles
• Deep knowledge and real operational experience in the usage of Agentic Coding assistants like Claude Code, Open Code, Cursor, or Codex
• Strong written and oral communication and interpersonal skills, with the ability to explain complex technical concepts to both technical and non-technical audiences
• Demonstrated experience applying security principles to AI implementations, including data protection, access controls, and threat modeling for AI systems
• Understanding of AI-specific security challenges including prompt injection, data poisoning, supply chain security, and model extraction attacks
• Certifications such as: AWS Certified AI Practitioner/AWS Certified Machine Learning Engineer, Azure AI Engineer Associate, Claude Certified Architect
• Understanding or experience with model fine-tuning techniques
• Familiarity with red teaming of agentic systems
• Experience with policy as code languages like Cedar or Rego and Infrastructure as Code (IaC) tools like AWS CloudFormation, Terraform, OpenTofu, or equivalent technologies
• Experience designing and implementing agentic AI architectures that balance security and autonomy
• Familiarity with MCP client/server architecture vs. agentic skills and the associated security risks of each