What You Will Do
-
Continuously monitor and identify unsanctioned ("shadow AI") usage across the organization, assessing associated data and compliance risks.
-
Investigate and triage AI-related security alerts, driving timely resolution in accordance with defined service levels.
-
Act as a subject matter expert during AI-related incidents, supporting containment, eradication, and post-incident review activities.
-
Integrate AI-related threat signals into SIEM and XDR platforms to enhance detection coverage and reduce response times.
-
Design and execute adversarial testing, including prompt injection, jailbreak, and model manipulation scenarios against internal and third-party AI systems.
-
Identify, assess, and document AI-specific vulnerabilities, providing clear risk ratings and practical remediation guidance.
-
Validate the effectiveness of security controls following model updates, prompt changes, or new AI feature releases.
-
Monitor emerging adversarial techniques and translate threat intelligence into improved defensive controls.
-
Support the development and ongoing maintenance of AI security standards, policies, and acceptable use guidelines.
-
Assess the security risk of new AI initiatives and vendor solutions during intake and provide recommendations prior to deployment.
-
Collaborate with legal, compliance, and privacy teams to ensure AI usage aligns with regulatory and data protection requirements.
-
Partner with the Director of AI to embed security considerations into AI strategy, project planning, and vendor selection from the outset.
Please note, salary range is not inclusive of total compensation. The expected salary range for this position will be impacted by factors such as the successful candidate’s skills, experience and working location, as well as the specific position’s business line, scope and level. Candidates with salary expectations outside of the range are encouraged to apply.
Who You Are
-
Bachelor’s degree in Information Security, Computer Science, or a related discipline.
-
3–5 years of experience in cybersecurity or a related security discipline.
-
Industry certifications such as CISSP or CEH are considered an asset.
-
Strong analytical, problem-solving, and collaboration skills, with the ability to adapt in a rapidly evolving environment.
-
Exposure to cloud environments and emerging AI/ML technologies.
-
Hands-on experience with SIEM, EDR/XDR, CASB, and Data Loss Prevention (DLP) tools.
Please note that internal applicants are asked to formally express their interest by applying online no later than 10 business days of the position being posted.
Please note that we may use AI tools to help us through the recruitment process.