Gen AI Security Consultant

Position: Gen AI Security Consultant
Location: Remote Duration: 6 Months+

• 10+ years of related experience with 5+ years of progressive professional growth in a customer-facing security/cybersecurity services delivery role
• Ability to influence and interact with confidence and credibility at all levels within and with our customers, partners, and vendors
• Proven experience with client facing professional services delivery from presentations, documentation, workshops, and interviews to full-scale enterprise-wide security/cybersecurity services delivery.
• Ability to articulate complex concepts, build consensus and deliver high quality work products.
• Experience working on project teams within a defined methodology while adhering to margin, planning and SOW requirements.
• Desire and ability to travel domestically 50% or more.
• Technical skills as outlined below.

1. Desirable Requirements

• 8+ years of experience Consulting, Assessing, implementing, and supporting security/cybersecurity services.
• Good understanding of Artificial Intelligence and associated security risks
• Experience with consulting and advocating customers on Generative AI security space
• General knowledge of Machine Learning
• Bachelor's degree from an accredited institution (Management, Computer Science / Technical); Master's degree from an accredited institution (Management, Computer Science / Technical) is a plus.

1. Required Techno-functional Skills:

• Subject matter expertise in consultation, design, implementation, administration, and monitoring of security/cybersecurity services in large enterprise environments.
• Robust technical knowledge of Generative AI infrastructure security design and monitoring: including SOC (Security Operations Center) solutions such as SIEM (Security Information and Event Management), EDR/MDR/XDR (Endpoint/Managed/Extended Detection and Response), SOAR (Security Orchestration, Automation, and Response), DLP (Data Loss Prevention) architectures.
• Knowledge of attack surfaces and mitigation strategies to protect Data through all stages of Generative AI application life cycle (From defining Gen AI strategy through data preparation, use case identification, platform implementation, model training & Gen AI operationalization).
• Expertise in identifying, prioritizing, and mitigating Generative AI model, execution, data, and application risks: by leveraging existing and evolving industry standard:
• MITRE ATLAS
• OWASP Client Top 10
• OWASP LLM Top 10
• NIST AI 100-1 RMF
• EU Artificial Intelligence Act

• E.g., Knowledge of techniques to protect Gen AI application components against various attacks including but not limited to
• Data Poisoning
• Input Manipulation
• Model Poisoning or Weaponization of AI models
• Sponge poisoning
• Model theft / Data Exfiltration
• Software supply chain attacks (Malware)
• Ability to identify sensitive data to be secured from being attacked, tampered with or exfiltrated from the Generative AI application components.
• Ability to review and recommend Generative AI relevant enhancements to existing Security Governance, Risk, Regulatory Compliance to enterprises.
• Experience in aligning the organization's GenAI solution to data governance requirements.
• Expertise to reduce Gen AI data related cyber risks, Improve the resiliency and confidence of the model outcomes through a wider and deeper examination of attack surfaces towards zero trust posture.
• Candidate proactively learns upcoming frameworks and best practices in securing ever changing Generative AI capabilities.

1. Desired Technical Skills:

• Experience with general application attack surfaces and mitigations.
• Experience with Generative AI attack surfaces and mitigations when integrating Generative AI into other/existing applications & architectures.
• Professional Cybersecurity Certifications such as CISSP, CISA, CRISC, CEH, TOGAF
• Ability to bring in visibility & control by planning, implementing, and configuring e.g., SIEM / MDR solutions for Gen AI application components.