[Remote] AI Security Engineer - Mid-Atlantic region (Remote in VA, MD, PA, NC, DE, NJ, or DC)
Note: The job is a remote job and is open to candidates in USA. GuidePoint Security is a rapidly growing cybersecurity firm that provides trusted expertise and solutions to organizations. They are seeking an AI Security Engineer to assist customers in designing, implementing, and managing generative AI security solutions, while collaborating across various security domains to ensure best practices are followed.
Responsibilities
- AI Security Architecture & Assessment: Advise on and assess the security posture of AI/ML systems, including LLMs, GenAI pipelines, and model serving infrastructure — identifying vulnerabilities, attack surfaces, and gaps against industry frameworks (e.g., OWASP LLM Top 10, MITRE ATLAS)
- Threat Modeling for AI Systems: Lead threat modeling exercises specific to AI workloads, covering adversarial inputs, prompt injection, model inversion, data poisoning, and supply chain risks across SaaS, self-hosted, and local AI deployments
- Secure AI Integration Guidance: Advise internal teams on securely integrating SaaS AI services and APIs (e.g., OpenAI, Azure OpenAI, Bedrock) into enterprise applications, including safe handling of credentials, outputs, and user data
- Data Security & Privacy Controls: Evaluate and recommend controls for data ingestion pipelines, RAG architectures, and vector databases to prevent unauthorized data exposure, leakage through model outputs, or non-compliant data processing
- Collaboration & Stakeholder Engagement: Serve as a trusted security advisor bridging business stakeholders, AI/ML engineers, IT operations, and information security teams on all matters related to AI risk and security
- Stay Current on AI Threat Landscape: Continuously track emerging AI security research, adversarial techniques, regulatory developments, and vendor security advisories to keep client guidance relevant and proactive
- Security Documentation & Standards: Produce and maintain security architecture documentation, risk assessments, control frameworks, and guidelines tailored to the organization's AI environment
- Strategic AI Security Roadmap: Contribute to the development of a long-term AI security strategy, including prioritized remediation roadmaps, capability maturity assessments, and investment recommendations
- Security Awareness & Education: Develop and deliver training and awareness content for technical and non-technical stakeholders on AI-specific risks, responsible AI usage, and secure development practices for AI-powered applications
Skills
- 5+ years of experience in security engineering with a significant focus on cloud security and/or AppSec
- Hands-on experience implementing, managing, securing, and supporting Agentic AI solutions within an enterprise context
- Familiarity with major cloud service provider AI-focused services such as AWS Bedrock, AWS SageMaker, Azure AI Foundry, or Google Vertex
- Proficiency in at least one relevant programming language, preferably Python
- Solid understanding of generative AI concepts, Large Language Models (LLMs), context engineering, agentic tool usage, and foundational AI/ML principles
- Deep knowledge and real operational experience in the usage of Agentic Coding assistants like Claude Code, Open Code, Cursor, or Codex
- Strong written and oral communication and interpersonal skills, with the ability to explain complex technical concepts to both technical and non-technical audiences
- Demonstrated experience applying security principles to AI implementations, including data protection, access controls, and threat modeling for AI systems
- Understanding of AI-specific security challenges including prompt injection, data poisoning, supply chain security, and model extraction attacks
- Certifications such as: AWS Certified AI Practitioner/AWS Certified Machine Learning Engineer, Azure AI Engineer Associate, Claude Certified Architect
- Understanding or experience with model fine-tuning techniques
- Familiarity with red teaming of agentic systems
- Experience with policy as code languages like Cedar or Rego and Infrastructure as Code (IaC) tools like AWS CloudFormation, Terraform, OpenTofu, or equivalent technologies
- Experience designing and implementing agentic AI architectures that balance security and autonomy
- Familiarity with MCP client/server architecture vs. agentic skills and the associated security risks of each
Benefits
- Remote workforce primarily (U.S. based only, some travel may be required for certain positions, working on-site may be required for Federal positions)
- Group Medical Insurance options: Zero Deductible PPO Plan (GuidePoint pays 90% of the premium for employees and 70% for family plans (spouse/children/family) or High Deductible Health Plan with HSA (GuidePoint pays 100% of the employees premiums and 75% for family plans (spouse/children/family). If you choose the High Deductible / HSA plan, GPS will contribute in 4 equal quarterly installments: ($850 per EE annually / $1750 per family annually (includes spouse/children/family options)
- Group Dental Insurance: GuidePoint pays 100% of the premium for employees and 75% of family plans
- 12 corporate holidays and a Flexible Time Off (FTO) program
- Healthy mobile phone and home internet allowance
- Eligibility for retirement plan after 2 months at open enrollment
- Pet Benefit Option
Company Overview