It's an FTE role: NO C2C/NO 1099
Job Title: AI Security Specialist
Location: Remote
Duration: Full Time – FTE
Onsite Interview in NY/DC
Required Certifications
Candidates must hold one or more of the following:
- CISSP — Certified Information Systems Security Professional (ISC²)
- CISM — Certified Information Security Manager (ISACA)
Main focus of this role is to make sure employees use AI tools safely without accidentally leaking confidential data or getting hacked through AI-specific attack methods.
Key focus on hands-on AI red teaming (basically trying to "break" AI systems to find weaknesses), experience with tools like Microsoft PyRIT, Garak, or Promptfoo, securing enterprise AI platforms like Microsoft Copilot and Azure OpenAI, and knowledge of AI threat frameworks like OWASP Top 10 for LLMs and MITRE ATLAS. Should have a CISSP or CISM certification.
Role Summary
The AI Security Specialist safeguards the firm's use of artificial intelligence — from Microsoft Copilot and generative AI tools to internal ML models and third-party AI services. This role establishes guardrails, monitors AI usage, evaluates emerging AI products, and ensures all AI deployments meet legal, regulatory, and client confidentiality obligations.
Key Responsibilities
- AI Risk Assessment — Evaluate security, privacy, and compliance risks of AI tools before adoption (Copilot, ChatGPT Enterprise, Anthropic Claude, e-discovery AI, etc.).
- Threat Detection — Monitor for AI-specific threats: prompt injection, model poisoning, data exfiltration via LLMs, and shadow AI usage.
- Vendor & Model Review — Conduct security reviews of AI vendors, including data residency, training data usage, retention, and SOC 2 / ISO 42001 posture.
- Data Protection — Partner with other business units to prevent privileged client data, work product, and PII from leaking into public or improperly governed AI systems.
- Incident Response — Lead investigation and response for AI-related incidents (data leakage, model abuse, compromised AI accounts).
- AI Red Teaming — Plan and execute adversarial testing programs against internal and vendor AI systems: prompt injection, jailbreaks, data exfiltration, model inversion, training data extraction, and agent abuse. Coordinate engagements with external red teams for high-risk deployments and translate findings into prioritized remediations.
- Training & Awareness — Build and deliver AI security training and advice on safe use of AI.
- Regulatory Alignment — Track and operationalize NIST AI RMF, EU AI Act, NY DFS Part 500, and client-specific AI requirements.
Required Qualifications
- 5+ years in information security, with 2+ years focused on AI/ML security or AI governance.
- Demonstrated hands-on AI red team experience — including prompt injection and jailbreak testing, adversarial ML techniques, LLM/agent abuse scenarios, and structured engagements aligned to OWASP Top 10 for LLMs and MITRE ATLAS.
- Proficiency with AI red teaming tooling such as Microsoft PyRIT, NVIDIA Garak, Promptfoo, Giskard, or comparable frameworks; ability to author custom probes and harnesses.
- Strong working knowledge of LLM architectures, RAG systems, and AI agent frameworks.
- Experience securing Microsoft 365 Copilot, Azure OpenAI, Anthropic Claude or comparable enterprise AI platforms.
- Understanding of data classification, DLP, and identity governance (Purview, Entra).
- Bachelor's degree in Computer Science, Cybersecurity, or related field.
Preferred Qualifications
- Experience in a law firm, financial services, or other highly regulated environment.
- Prior participation in AI/ML CTFs, bug bounties (e.g., HackerOne AI programs), or published AI red team research.
Thanks & Regards.
Aviral Sapra
Voto Consulting LLC
Direct #: