This role at The Toronto-Dominion Bank involves leading security strategy and engineering solutions for Generative AI and Large Language Model (LLM) platforms, integrating advanced AI security into existing enterprise systems. The successful candidate will act as a key technical leader, bridging AI innovation with core infrastructure security. Key responsibilities include researching, evaluating, and conducting proofs of concept for new security technologies and protocols to protect assets across Azure, Google Cloud, and On-Premises environments. Focus areas include Agentic AI protocols (A2A, MCP), API security, Identity and Access Management, and securing third-party integrations for LLMs, AI models, and RAG applications. The role also involves partnering with AI Development, DevSecOps, and Platform Engineering teams to translate successful security PoCs into robust, production-ready solutions.
Research, evaluate, and design AI Security Infrastructure solutions to address security control gaps and align with leadership strategy and roadmaps.
Conduct proofs of concept (PoCs) for new security technologies and protocols and support hardening efforts for mission-critical assets in Azure, Google Cloud, and On-Premises environments.
Evaluate and secure emerging standards for multi-agent workflows, such as Agent-to-Agent (A2A) and Model Context Protocol (MCP).
Perform deep security assessments and validation of infrastructure and connection points for third-party LLM and RAG (Retrieval-Augmented Generation) applications.
Support threat modeling exercises for new AI applications and pipelines to proactively identify design flaws and adversarial attack vectors (e.g., prompt injection paths).
Support the design, build, and testing of security controls to mitigate common AI/ML attacks based on frameworks like OWASP Top 10 for LLM Applications and MITRE ATLAS.
Define and implement security designs for Identity and Access Management (IAM), with a focus on securing non-human identities, service principals, and cross-cloud access.
Own the security strategy for all AI service consumption, including hardening API Gateways and securing authentication flows (e.g., OAuth 2.0/OIDC) for model endpoints.
Design and conduct PoCs for secure storage, injection, and rotation of confidential data (API keys, model weights, database credentials) using solutions like Azure Key Vault and GCP Secret Manager.
Establish security configuration baselines and network segmentation (e.g., Private Link, VPC Service Controls) for AI-specific cloud resources on Azure and GCP.
Provide essential infrastructure security expertise and tooling to support the AI Red Team program.
Collaborate with DevOps, Governance, Vulnerability Management, and Platform Engineering partners to translate successful security PoCs and designs into robust, production-ready solutions and Infrastructure as Code (IaC) controls.
7+ years of progressive experience in Cybersecurity, Cloud Security Engineering, Application Security, or AI Security and Automation.
2-3+ years of experience in machine learning / AI.
Strong understanding of the AI/ML development lifecycle and the unique security risks associated with Generative AI, LLMs, and RAG architectures.
Familiarity with the security implications of emerging agent collaboration protocols (A2A and MCP).
Experience with risk assessment, vulnerability research, or threat modeling focused on AI systems.
Desired: Relevant professional certifications (e.g., Azure Security Engineer Associate, GCP Professional Cloud Security Engineer, CISSP, CCSP).
Desired: Experience securing containerized environments (Kubernetes/AKS/GKE).
Desired: Familiarity with Infrastructure as Code (IaC) tools such as Terraform or Pulumi.
37.5 hours/week
Job opportunity is subject to provincial regulation for employment purposes.
The Toronto-Dominion Bank and its subsidiaries are collectively known as TD Bank Group, one of the largest banks in North America. TD provides a wide range of personal, commercial, and investment banking products and services to over 27 million customers globally. Headquartered in Toronto, Canada, the bank operates through key segments including Canadian Retail, U.S. Retail, and Wholesale Banking.