Overview
On Site
Hybrid
$107.14 hr
Contract - W2
Contract - Independent
Contract - 4+ mo(s)
Skills
SECURITY ENGINEER
AI SECURITY ENGINEER
PYTHON SECURITY ENGINEER
AI
ARTIFICIAL INTELLIGENCE
COPILOT
CO-PILOT
CO PILOT
GCP
GOOGLE CLOUD
PYTHON
IAM
ARTIFACT REGISTRY
SECRET MANAGER
VPC SC
SCC
GKE
CLOUD RUN
POC
PROOF OF CONCEPT
SAST
DAST
SCA
Job Details
At-a-Glance:
Are you ready to build your career by joining a commercial data and analytics company. If so, our client is hiring an AI Senior Security Engineer.Position Type:
Contract
Hybrid
Required:
- Required Qualifications
- Minimum 7+ years of experience in software engineering or security engineering, with a strong focus on Python development and secure service design.
- Proven expertise in Google Cloud Platform (IAM, GKE/Cloud Run, Cloud Build, Artifact Registry, Secret Manager, VPC SC, SCC) and DevOps practices (IaC, CI/CD, policy as code).
- Practical understanding of AI threat models and mitigations, including prompt injection, content moderation, output redaction, secrets hygiene, and endpoint hardening.
- Preferred Qualifications
- Familiarity with enterprise collaboration controls (Purview, Copilot DLP, Restricted Access sites) and validation methodologies.
- Experience integrating evaluation/red team harnesses into CI/CD pipelines, including gating based on evaluation regressions.
- Awareness of regulatory implications (EU AI Act, GDPR) for telemetry, logging, and DPIAs.
- Knowledge of SDLC-aligned security tooling (SAST, DAST, SCA) and dependency governance.
- Secure AI Access Layers: Develop Python-based middle-tier services for internal and service-to-service AI interactions, including request/response inspection, output redaction, rate limiting, and audit logging. Integrate with sensitivity labels, DLP, and identity controls.
- Agent Safety Engineering: Build reusable modules for agent orchestration frameworks, including tool use allow lists, sandboxing, constrained retrieval, and memory hygiene.
- Evaluation Pipelines: Implement CI/CD-integrated evaluation harnesses for red team prompts, jailbreak detection, toxicity/PII checks, hallucination scoring, and grounding validation. Gate releases based on evaluation thresholds and capture artifacts for 5Rs evidence.
- Google Cloud Platform Security Controls: Engineer robust security configurations for AI workloads using VPC SC, Private Service Connect, Workload Identity Federation, CMEK, Secret Manager, Cloud Build, Artifact Registry, and SCC alerting.
- Data Pipeline Hardening: Collaborate with data engineering teams to secure model input pipelines against poisoning and tampering, ensuring provenance, RBAC/ABAC enforcement, and DLP integration.
- Automation & Policy as Code: Automate enforcement of least privilege, environment isolation, egress controls, and artifact signing. Integrate with existing SAST/DAST/SCA and threat modeling workflows.
- Copilot Security Enablement: Configure and validate Purview sensitivity labels, Copilot DLP, Restricted Access sites, and Conditional Access policies for AI applications.
- Security Use Case Generation: Leverage LLMs to ingest architecture diagrams, data flow specifications, and service metadata to generate AI-assisted security use cases.
- SOC Agent Engineering: Build autonomous and assisted SOC agents to ingest and enrich alerts from Defender XDR, Sentinel, and approved third-party sources.
If you think you'd be a good match, submit your resume and reach out to Prakash at to learn more.
#LI-VK1
Employers have access to artificial intelligence language tools (“AI”) that help generate and enhance job descriptions and AI may have been used to create this description. The position description has been reviewed for accuracy and Dice believes it to correctly reflect the job opportunity.