enGen is a company focused on securing AI/ML and Generative AI systems in a regulated healthcare environment. The Senior AI Security Engineer will design, implement, and operate security controls for these systems while advising on emerging AI threats and regulatory exposure.
Responsibilities:
- Design, implement, and operate security controls for AI/ML, GenAI, and agentic systems — spanning model-level, data-level, and platform-level protections across Azure, GCP, AWS, and SaaS
- Engineer and enforce guardrails that mitigate prompt injection, unsafe outputs, unauthorized tool execution, data leakage, and insecure agentic workflow behavior, with explicit focus on PHI/PII exposure
- Design and execute AI red-team exercises targeting LLMs and AI agents including prompt injection (direct and indirect), jailbreaking, tool and memory poisoning, behavioral drift, unsafe autonomy, and emergent privilege escalation
- Analyze agent logic, tool graphs, and multi-step workflows to identify systemic security weaknesses beyond prompt-level attacks; translate findings into reusable attack libraries and actionable engineering fixes
- Build and maintain monitoring, logging, and alerting for AI systems covering prompt behavior, tool invocation patterns, output anomalies, and workflow execution — and implement detection content for policy-violating AI behavior
- Embed security controls into CI/CD pipelines and agentic delivery workflows; partner with AI platform, data engineering, and application teams to integrate security requirements from design through deployment gate
- Apply NIST AI RMF, MITRE ATLAS, and OWASP LLM Top 10 to assess and manage AI security risks; contribute to enterprise AI security standards, reference architectures, and governance policy; advise leadership on AI cybersecurity risk and regulatory considerations specific to healthcare AI deployment
- Other duties as assigned or requested
Requirements:
- 5 years of experience in cybersecurity engineering, application security, or platform security
- 3 years of experience in AI/ML or Generative AI security (prompt injection defense, unsafe output handling, tool-use abuse, data leakage)
- Bachelor's degree in Computer Science, Computer Engineering, Information Technology, Cybersecurity, or a closely related discipline, or relevant experience and/or education as determined by the company in lieu of a bachelor's degree
- 5 years of experience in securing production systems in enterprise environments
- 3 years of experience in hybrid multi-cloud security (Azure, GCP, AWS)
- 2 years of experience in detection engineering, monitoring, and alerting for complex application or workflow environments
- 2 years of experience in AI red-team execution (jailbreaking, behavioral drift, misuse-case validation; tools such as PyRIT, Promptfoo, AgentDojo)
- 2 years of experience in securing agentic systems, multi-step AI workflows, or tool-calling architectures
- 2 years of experience in a highly regulated industry (healthcare, financial services) with HIPAA or equivalent compliance obligations
- 1 year of experience in identity, access management, secrets handling, and runtime policy enforcement for AI workloads
- Master's degree in Cybersecurity, Computer Science, or a related field
- Certified Information Systems Security Professional (CISSP)
- AWS Certified Security Specialty, Microsoft AZ-500, or Google Professional Cloud Security Engineer
- AI security credentials or coursework (SANS AI Security, NIST AI RMF practitioner training)