Job Title: AI Security Engineer (Detection & Monitoring)

Location: Remote
Type: Contract (12 Months, Extendable)

About the Role

We are seeking a highly skilled AI Security Engineer to help identify, monitor, and mitigate risks associated with the use of AI tools across the enterprise. This role will focus on analyzing AI-related traffic, building detection pipelines, and delivering actionable insights to security leadership, including the CISO.

You will work at the intersection of security engineering, data engineering, and AI governance, helping to uncover shadow AI usage, protect sensitive data, and build real-time monitoring capabilities.

Key Responsibilities

• Audit AI endpoint traffic using proxy, firewall, and DNS logs to identify sanctioned vs. shadow AI tool usage

• Build scalable Python-based pipelines to ingest and correlate data from SIEM, EDR, and cloud audit logs

• Develop and maintain detection rules using SPL, KQL, or similar query languages

• Implement DLP-style pattern matching (regex-based) to detect PII, source code, and confidential data in outbound AI traffic

• Analyze network traffic including HTTP/HTTPS, TLS metadata, DNS, and SNI

• Create and deliver an AI Risk Heat Map segmented by tool, department, and data sensitivity

• Design and maintain real-time dashboards for both technical and non-technical stakeholders

• Collaborate with security, compliance, and engineering teams to enhance AI risk visibility and controls

Required Skills

Tier 1 (Must-Have)

• Strong proficiency in Python (data pipelines, log processing)

• Hands-on experience in network traffic analysis (HTTP/HTTPS, TLS, DNS, SNI)

• Experience with log engineering (JSON, CEF, syslog from SIEM/proxy/EDR/cloud)

• Expertise in regex and pattern matching for DLP/data detection

• Solid understanding of REST APIs (OAuth, JWT, API keys)

Tier 2 (Good to Have)

• Experience with SIEM query languages (SPL, KQL, Lucene/EQL)

• Knowledge of cloud audit logs (AWS CloudTrail, Azure Activity Logs, Google Cloud Platform)

• Familiarity with EDR tools (CrowdStrike, SentinelOne, Microsoft Defender)

• Basic understanding of NLP or text classification for prompt/content analysis

Nice to Have

• Hands-on experience with LLM APIs (OpenAI, etc.)

• Exposure to CASB (Cloud Access Security Broker) solutions

• Familiarity with open-source AI/security tools

Why Join Us

• Work on cutting-edge AI security challenges

• High visibility role with direct impact on CISO-level decision making

• Opportunity to build end-to-end detection and monitoring systems