• Implementar controles de seguridad, respuesta a incidentes y revisión de cumplimiento normativo. • Desarrollar funcionalidades complejas y ejecutar proyectos de mayor envergadura. • Optimizar tiempo, mantener la productividad y asumir nuevas asignaciones.

Role Description The Principal Artificial Intelligence (AI) Security Engineer serves as the technical lead for securing machine learning (ML), generative artificial intelligence (GenAI), and agentic systems in production, with emphasis on healthcare and other regulated environments. This role creates security architecture, threat modeling, control design, and detection strategy across the AI lifecycle. - Data ingestion - Feature engineering - Training and fine-tuning - Evaluation - Model serving - Retrieval-augmented generation (RAG) pipelines - Agent frameworks - Application programming interface (API) mediation - Post-deployment monitoring The Principal AI Security Engineer leads and partners throughout the organization to build enforceable guardrails for: - Protected health information and electronic protected health information handling - Identity and access control - Secrets isolation - Model and dataset provenance - Output safety - Evidence collection for audits and investigations Qualifications - Ten (10) years of hands-on security engineering experience spanning application security, cloud security, security architecture, detection and response, platform security, or infrastructure security. - Bachelor's degree in computer science, information technology, or relevant field. In lieu of degree, six (6) cumulative years of related experience required. - Demonstrated experience securing production AI/ML systems, including large language model (LLM) applications, model serving stacks, retrieval-augmented generation architecture, or agent frameworks. - CISA, CISM, CCSP, HCISPP, GIAC and or CISSP certifications preferred. - Demonstrated advanced expertise in AI threat modeling and adversarial testing. - Strong implementation knowledge of secure software development lifecycle (SDLC), continuous integration/continuous delivery (CI/CD) security, and cloud-native telemetry pipelines. - Experience designing or reviewing controls for secure machine learning operations (MLOps). - Experience instrumenting detections and response workflows using logs, traces, metrics. - Advanced working knowledge of RAG security and evaluation harnesses for safety, security, and regulated-data compliance. - Prior experience in healthcare, payer, provider or similarly regulated environments with PHI/ePHI safeguards preferred. - Advanced ability to write engineering standards, design docs, threat models, and control requirements. - Hands-on familiarity with model gateways and AI observability tooling. - Working knowledge of static/dynamic application security testing and dependency-risk management. - Experience with AI red teaming platforms and automated release gates for model or prompt changes. - Familiarity with Sarbanes Oxley, HIPAA, OCR, AI RFM, HCFA, PCI/DSS, NIST and other regulations impacting security preferred. Requirements - Ability to work prolonged periods sitting and/or standing at a workstation and working on a computer. - Ability to travel across the Health Plan service region for meetings and/or trainings as needed. - Ability to work in a home office for continuous periods of time for business continuity. Benefits - Participation in group health and/or dental insurance - Retirement plan - Wellness program - Paid time away from work - Paid holidays Compensation Range(s) Minimum: $123,304 - Maximum: $221,948 The salary range indicated in this posting represents the minimum and maximum of the salary range for this position. Actual salary will vary depending on factors including, but not limited to, budget available, prior experience, knowledge, skill and education as they relate to the position’s minimum qualifications, in addition to internal equity. The posted salary range reflects just one component of our total rewards package. Please note: There may be opportunity for remote work within all jobs posted by the Excellus Talent Acquisition team. This decision is made on a case-by-case basis. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or status as a protected veteran.

Role Description CrowdStrike is looking for a technically strong, self-directed cloud security professional to join our Professional Services team in the JAPAC region. This is a hands-on role for someone with genuine curiosity about cloud attack techniques and a drive to build the detection and defensive capability to counter them. You'll work with complex, high-profile organisations across the region, helping them understand where they're exposed, sharpen their detection capabilities, and close the gaps that adversaries look for. The work demands both technical depth and client credibility, so you'll need to be effective at both. What You'll Do - Conduct cloud security assessments across a range of environments, focusing primarily on AWS and Azure: reviewing configurations, identity architectures, network exposure, and attack paths to surface the risks that actually matter. - Design and build detection logic and alerting for cloud control plane activity, identity-based threats, and misconfiguration-driven exposure across cloud-native and third-party security platforms. - Write automation to speed up assessment work, extract and correlate data across large datasets, and turn repeatable analysis into something the team can use again. - Partner with our Red Team during Purple Team exercises: testing customer detection and response capabilities and translating the gaps into concrete recommendations. - Collaborate with internal delivery teams to help turn assessment findings into detection content that's ready to deploy. - Produce clear, high-quality reports and presentations for technical and executive audiences. - Run client engagements from scoping through delivery, keeping stakeholders well-informed throughout. - Help push our service offerings forward through methodology development, tooling contributions, and public-facing thought leadership. Qualifications - Strong practical experience with AWS and Azure, including identity, compute, networking, storage, serverless, and logging and monitoring services. - A solid grasp of cloud architecture patterns and where security assumptions tend to break down in practice. - GCP experience is a plus, but not a requirement. - Experience building detection content that works: writing queries, developing alerting logic, and cutting through noise in cloud-native and third-party SIEM/XDR environments. - A working knowledge of how threat actors operate in cloud environments, and the ability to translate that into detections that actually fire on the right things. - Experience tracing how misconfigurations chain together into realistic attack paths — analysis that tells a coherent story rather than producing a list of isolated findings. - Familiarity with common cloud attack patterns: privilege escalation, lateral movement, persistence, and data exfiltration. - Solid scripting ability in Python or equivalent, comfortable building tools to automate assessment tasks, work with large datasets, and extend existing frameworks. - Experience writing queries across platforms such as KQL, SPL, or cloud-native query engines. - Strong written and verbal communication in English. - Able to adapt your approach across different business cultures. - Additional language proficiency is a strong advantage, particularly Mandarin, Japanese, Hindi, or Thai. Requirements - Detection engineering experience in traditional enterprise environments: on-premises Active Directory, Windows endpoint telemetry, and classic Wintel infrastructure. - Cloud incident response experience (AWS, Azure, or M365). - Kubernetes and container security. - CI/CD pipeline security and DevSecOps practices. Benefits - Market leader in compensation and equity awards. - Comprehensive physical and mental wellness programs. - Competitive vacation and holidays for recharge. - Paid parental and adoption leaves. - Professional development opportunities for all employees regardless of level or role. - Employee Networks, geographic neighborhood groups, and volunteer opportunities to build connections. - Vibrant office culture with world class amenities. - Great Place to Work Certified™ across the globe.

• Lead the design, implementation, and optimization of our corporate security infrastructure. • Enhance security controls, align goals with business objectives, and drive automation and self-service capabilities. • Work with IaC tools like Terraform to ensure enterprise configurations are steady, change-managed, and machine-readable. • Design and deploy endpoint security measures aligned with industry standards, including vulnerability management. • Ensure a strong security posture for corporate SaaS applications by configuring vendor capabilities or building automations to meet OnePay standards. • Mature and manage data protection controls, including Data Loss Prevention (DLP) tools and secure data handling processes. • Build secure methods for sharing data with internal teams and external partners. • Collaborate with IT, Infrastructure, and Security teams to implement security measures, maintain critical corporate systems, and drive process improvement through automation. • Develop and run incident response and disaster recovery plans, including tabletop exercises.