AI Security Architect

Summary

Join EnableComp as an AI Security Architect to lead the secure implementation of AI and machine learning initiatives. Design, implement, and manage the security posture for all AI/ML efforts. Collaborate with IT and development teams to integrate advanced AI security tooling. Enhance the security of the flagship application, "Enforcer," using cutting-edge AI technologies. Establish a secure AI development lifecycle and act as the central point of contact for vetting secure AI solutions. Maintain a portfolio of approved AI tools and services, stay current on AI security threats and regulations, and provide regular updates to leadership. Manage the TPRM platform, streamline the AI vendor assessment process, and contribute to broader information security team initiatives.

Requirements

• Bachelor’s degree in computer science, Information Security, or a related field
• 5-7+ years of experience in a senior information security role
• Demonstrable experience working within the Microsoft Azure ecosystem, including securing data services like Azure Data Lake Storage, Azure Databricks, and Azure Machine Learning
• Deep understanding of the security challenges and controls for Large Language Models (LLMs), including prompt injection, data poisoning, and model theft
• Proven experience working in a dynamic business environment, particularly within a company undergoing a significant technological transformation
• Strong understanding of secure software development lifecycle (SDLC) principles

Responsibilities

• Collaborate directly with the IT & Development teams to design and integrate advanced AI security tooling at the application level
• Take a leading role in enhancing the security capabilities of our flagship in-house application, "Enforcer," by leveraging cutting-edge AI technologies
• Partner with our Development teams to establish a secure AI development lifecycle
• Assist in the evaluation, selection, and secure configuration of AI/ML tools, libraries, and platforms to empower our developers while maintaining a robust security posture
• Act as the central point of contact for vetting and suggesting secure AI solutions for business units across the entire organization
• Develop and maintain a curated portfolio of approved AI tools and services that align with our security standards and business objectives
• Stay at the forefront of the rapidly evolving AI landscape, including new technologies, emerging threats, and changing regulatory requirements (e.g., GDPR, CCPA as they relate to AI)
• Provide regular updates and strategic recommendations to leadership on AI-related security matters
• Manage and optimize our TPRM platform
• Leverage the platform to establish and streamline a comprehensive AI vendor assessment process, creating clear requirements for onboarding new AI partners and solutions
• Contribute to the daily operations and strategic initiatives of the broader Information Security team
• Assist in incident response, threat modeling, and security architecture reviews as needed

Preferred Qualifications

• Practices and adheres to EnableComp’s Core Values, Vision and Mission
• Engineer, implement and monitor security measures for the protection of computer systems, networks and information
• Identify and define system security requirements
• Experience managing servers, particularly virtualized environments
• Ability to work well with team members to produce results
• Excellent communication skills, utilized to collaborate both within IT and across all functions of the company to drive IT security initiatives
• Excellent mentoring and coaching skills to assist in training staff on security directives
• Design computer security architecture and develop detailed cyber security designs
• Prepare and document standard operating procedures and protocols
• Problem solving skills and ability to work under pressure
• Advises senior management by identifying critical security issues; recommending risk-reduction solutions
• Solid understanding of HIPAA and applicable compliance frameworks (SOC2, HITRUST)
• Strong project management and technical troubleshooting ability
• Strong writing\documentation skills necessary
• Ability to articulate security-related concepts to a broad range of technical and non-technical staff
• Ability to work on larger projects as well as balance day to day requirements