FREE ACCESS
5,000–10,000 jobs/day
See all jobs on JobTailor
Search thousands of fresh jobs every day.
Discover
- Fresh listings
- Fast filters
- No subscription required
Create a free account and start exploring right away.

AI Security Engineer
Cross RiverAI Security Engineer at Cross River designing guardrails for AI use in financial technology. Ensuring compliance and security in financial services using innovative AI solutions.
Core Competencies
Role fitCore Competencies
Use this summary to align your resume positioning with the role.
Demonstrates expertise in designing and implementing AI security measures across cloud platforms like Azure and AWS, with a focus on secure coding practices and data governance. Proficient in threat modeling, observability, and compliance with industry standards such as FFIEC, SOC 2, and PCI DSS.
Highest-signal resume keywords
Security EngineeringAI/ML SecurityAWS/Azure ExperienceThreat ModelingCompliance Frameworks
ATS Keywords
Tailor your resumeApplicant Tracking System Keywords
Tip: use these terms in your resume and cover letter to boost ATS matches.
Hard Skills
PythonTypeScriptRESTGRPCContainersKubernetesTerraformLLM Attack Surface MitigationObservabilityTelemetry
Soft Skills
Strong Written Communication
Tools & Technologies
Azure AI StudioAmazon BedrockSageMakerSIEMOAuth2OIDCKMS
Industry Keywords
Data GovernanceAI Red-TeamingAgentic ArchitecturesSecure Secret ManagementPrivacy Preservation
Tech Stack
Tools & technologiesAWSAzureCloudGRPCKubernetesPythonSDLCTerraformTypeScript
About the role
Key responsibilities & impact- Design enterprise AI guardrails across Azure and AWS (e.g., Azure AI Studio/Azure OpenAI, Amazon Bedrock/SageMaker): content filtering, PII redaction, prompt/response validation, and policy enforcement services
- Assess and define secure usage patterns and data governance controls for agentic frameworks and coding agents: permission scoping, tool-call authorization, least‐privileged retrieval, session isolation, and MCP server governance
- Threat model AI systems (apps, agents, MCPs, RAG, fine-tuning pipelines) using frameworks like STRIDE and the OWASP Top 10 for LLM Apps; define misuse scenarios (prompt injection/context poisoning/jailbreaks/data exfiltration) and build mitigations
- Build monitoring and telemetry: privacy-preserving prompt/response logging, sensitive-data detection, safety/eval dashboards, drift/abuse signals, and incident hooks into our SIEM
- Integrate AI security into the SDLC: reusable libraries, pre-commit checks, CI/CD gates, policy-as-code, and secure-by-default reference architectures for product teams
- Evaluate third‑party AI vendors and internal apps: security reviews, data residency and retention requirements, SSO/SCIM integrations, DPA/TPRM inputs, and continuous control testing
- Partner across Security, Data, Privacy, and Engineering to map AI controls to FFIEC, SOC 2, and PCI DSS; document control evidence for audits
- Lead/participate in AI red‑teaming: automated jailbreak/prompt‑injection tests, safety benchmarks, purple‑team exercises, and response playbooks for AI incidents
- Enable the org with concise guidelines, examples, and training on safe AI development and usage
Requirements
What you’ll need- 5+ years in Security Engineering/AppSec/Cloud Security (or similar), including 1–2+ years securing AI/ML or data‑intensive systems (GenAI preferred)
- Hands‑on experience with AWS and/or Azure and modern app stacks (Python/TypeScript, REST/gRPC, containers/Kubernetes, IaC such as Terraform)
- Practical understanding of LLM attack surfaces (prompt injection, context and goal poisoning, data leakage via tools, training/fine‑tune poisoning, model supply chain) and mitigation patterns
- Experience assessing agentic architectures (LangGraph, CrewAI, or similar) and AI coding assistants (Claude Code, GitHub Copilot) for secure enterprise deployment
- Familiarity with identity and access for AI workloads (OAuth2/OIDC, service principals, role tokens, PIM), and secure secret management/KMS
- Experience implementing observability/telemetry and routing findings to SIEM; comfort balancing privacy with traceability
- Ability to translate controls into developer-friendly libraries, docs, and CI/CD checks
- Comfort working in a regulated environment and mapping controls to frameworks (FFIEC, SOC 2, PCI DSS)
- Strong written communication in English and Hebrew
Benefits
Comp & perks- Flexible hybrid work model: three days a week at our Jerusalem office
- Monthly wellness reimbursement – from therapy to gel manicure, it's up to you
- Full Keren Hishtalmut, private health and dental insurance
- Volunteer days, donation matching, Yoga and Pilates
- A supportive, collaborative culture that puts our people first