Human Experts Implementing Artificial Intelligence #AI #ArtificialIntelligence #HumanIntelligence
AI Cybersecurity Engineer – Offensive Security, Threat Modeling
Location
Serbia
Posted
3 days ago
Salary
0
Seniority
Senior
Job Description
AI Cybersecurity Engineer – Offensive Security, Threat Modeling
Xenon Seven
• Predictive AI Threat Modeling: Lead advanced threat-modeling exercises across the bank’s localized AI/ML pipelines, data repositories, and training environments. Anticipate sophisticated attacker behaviors to design preemptive security guardrails before models are moved to production. • AI Red Teaming & Offensive Simulations: Conduct targeted offensive operations and ethical hacking against our on-premises AI infrastructure. Simulate real-world adversarial attacks, including data poisoning, model inversion, membership inference, evasion attacks, and prompt injection. • Framework Mapping with MITRE ATLAS: Implement and operationalize the MITRE ATLAS (Adversarial Threat Landscape for Artificial-Intelligence Systems) framework. Map identified vulnerabilities to ATLAS tactics and techniques to build a robust, AI-specific defensive matrix aligned with traditional MITRE ATT&CK. • On-Premises Infrastructure Hardening: Assess and secure the physical and virtual infrastructure hosting our AI workloads, including bare-metal GPU clusters, local containerized environments (Kubernetes/OpenShift), and private data registries, ensuring strict isolation from external threats. • Proactive Risk Management & Early Detection: Collaborate with the SOC and data engineering teams to build predictive detection use-cases and custom alerts. Identify the early warning signs of an AI-targeted attack or data exfiltration attempt before malicious actors can compromise model integrity.
Job Requirements
- Professional Experience: 5+ years of dedicated experience in Offensive Security, Red Teaming, or Advanced Penetration Testing, with a proven pivot and at least 2 years of hands-on experience securing or attacking AI/ML workloads.
- Banking Sector Experience (Mandatory): Prior experience working within a regulated financial institution in Egypt. You must understand the security constraints, compliance mandates, and audit rigor required by the Central Bank of Egypt (CBE) for on-premises operations.
- Deep Mastery of AI Attack Frameworks: Expert-level knowledge of MITRE ATLAS and the OWASP Top 10 for Large Language Models (LLMs). You must have a proven track record of translating these theoretical frameworks into practical, automated offensive playbooks.
- On-Prem & Core Technical Skills: Strong proficiency in Python or bash scripting to build custom exploit or testing tools.
- Deep understanding of on-premises infrastructure components (Linux administration, private networking, storage area networks).
- Direct experience with container security (Docker, Kubernetes) and secure MLOps pipelines.
- Education & Certifications: Bachelor’s degree in Computer Science, Cybersecurity, Computer Engineering, or a strictly related field.
- Highly valued offensive certifications: OSCP, OSCE, CRTP, or GPEN, alongside any specialized AI/ML security credentials.
- Mindset & Communication: A relentlessly curious, adversarial mindset balanced with strong risk management disciplines. The ability to clearly articulate complex, highly technical AI vulnerabilities into actionable remediation plans for data scientists and senior banking executives. Fluency in English.
Benefits
- Attractive, market-leading salary package
- Clear career advancement path with professional development opportunities
Related Guides
Related Categories
Related Job Pages
More Security Engineer Jobs
AI Cybersecurity Architect – Governance, Control Frameworks
Xenon SevenHuman Experts Implementing Artificial Intelligence #AI #ArtificialIntelligence #HumanIntelligence
• Establish AI Security Governance Frameworks: Author, implement, and maintain the bank's enterprise-wide AI Security Policy. Align our internal AI governance with international standards (such as NIST AI RMF, ISO/IEC 42001, and OWASP Top 10 for LLMs) while strictly ensuring compliance with evolving Central Bank of Egypt (CBE) regulations and the Egyptian Data Protection Law. • Design & Build Cybersecurity Controls: Architect, enforce, and validate technical and administrative security controls tailored for the entire AI/ML lifecycle (Data Ingestion, Training, Deployment, and Inference). This includes building robust controls against data poisoning, model inversion, prompt injection, and unauthorized data exfiltration. • Secure MLOps Architecture: Define the reference architectures and secure guardrails for our Machine Learning Operations (MLOps) pipelines. Ensure that security checks, vulnerability scanning, and model integrity verifications are seamlessly integrated into our continuous deployment workflows. • Advanced AI Threat Modeling & Risk Assessment: Lead comprehensive risk assessments and threat-modeling exercises on all proprietary and third-party AI implementations. Identify structural risks in algorithmic logic, training data pipelines, and API integrations, translating technical risks into clear business governance metrics. • Third-Party & Vendor AI Governance: Develop and execute rigorous cybersecurity assessment frameworks for evaluating third-party AI tools, cloud-hosted models, and external vendors, ensuring they meet the bank’s strict data privacy and control standards.
Cyber Security System Engineer II (SOAR/SIEM Engineer)
ECS Tech IncAll candidates must meet the following criteria: Must be a US Citizen, no dual Citizenships. Must be able to secure a Public trust clearance. Must be able to work across multiple programs across the Federal and DOD space. The core values that ECS looks for in an engagement manager include: Teamwork, Respect, Accountability, Integrity, and Leadership.
Role Description Everforth ECS is seeking a Cyber Security System Engineer II (SOAR/SIEM Engineer) to work Remotely. Please Note: This position is contingent upon contract award. - Engineers, administers, and maintains CI's SOAR and SIEM platforms. - Develops automated playbooks for alert triage, enrichment, case management, and incident response. - Performs onboarding, correlation tuning, dashboards, retention, and compliance configuration. - Ensures platform availability and alignment with federal security requirements. Qualifications - Bachelors’ Degree in Cybersecurity, IT, or related field. - 5+ years of relevant experience. - IRS CI - IRS High Risk Clearance. - Experience in SIEM engineering, log onboarding, parser development, and correlation tuning. - SOAR platform engineering, playbook development, and automation design skills. - Proficiency integrating SIEM/SOAR with scanners, EDR, DLP, IAM/PAM, and ticketing systems. - Knowledge of NIST, FISMA, IRS IRM 10.8, CDM requirements. - Ability to build and maintain system baselines and architecture documentation.
Role Description The Computer System Validation (CSV) Lead is responsible for developing, executing, and maintaining the validation strategy for GxP-regulated computerized systems supporting manufacturing, laboratory, and quality operations. This role ensures that all systems comply with applicable regulatory requirements, including FDA 21 CFR Part 11, EU Annex 11, and GAMP 5, and that validation deliverables are developed in alignment with corporate and industry best practices. - Lead the planning and execution of validation projects for GxP computerized systems (manufacturing, laboratory, and quality). - Author and/or review CSV deliverables including Validation Plans, Risk Assessments, User Requirements Specifications (URS), Functional Specifications (FS), Design Qualification (DQ), IQ/OQ/PQ protocols, and summary reports. - Ensure compliance with 21 CFR Part 11, EU Annex 11, GAMP 5, and applicable company SOPs and policies. - Collaborate with cross-functional teams (IT, QA, Manufacturing, Lab, and vendors) to define validation scope, strategy, and deliverables. - Lead impact assessments for software upgrades, patches, and configuration changes; ensure continuous validation state is maintained. - Support data integrity initiatives and periodic review programs. - Manage audit readiness for all validated systems; support internal and external inspections (FDA, EMA, MHRA, etc.). - Develop and maintain validation templates, SOPs, and training programs. Qualifications - Bachelor’s degree in computer science, Engineering, Life Sciences, or related discipline. - Minimum 5–8 years of experience in computer system validation or IT quality compliance within the pharmaceutical or biotech industry. - Deep understanding of GxP Principles, GAMP 5 lifecycle methodology, and 21 CFR Part 11 / Annex 11 compliance. - Experience leading validation of enterprise and laboratory systems such as LIMS, MES, QMS, ERP, or data historians (e.g., OSI PI, Empower, SAP, LabWare, etc.). - Strong technical writing and documentation skills with attention to detail. - Proven ability to manage multiple projects and priorities in a fast-paced, regulated environment. Requirements - Master’s Degree (MBA, MIS, or related field). - Experience with cloud-based or SaaS GxP systems. - Familiarity with data integrity, cybersecurity, and IT infrastructure qualification (IQ of servers, networks, virtualization). - Project management or Lean Six Sigma certification. Benefits - Medical, Dental and Vision Insurance. - Generous Paid Time Off options, including Vacation and Sick time, plus national holidays including year-end shut down. - 401(k) match and annual company contribution. - Company paid life insurance. - Annual Corporate Bonus and Quarterly Sales Incentive for eligible positions. - Long Term Incentive Plan for eligible positions. - Company fleet vehicle for eligible positions. - Referral bonus program.
Director of Security Engineering
SysdigConfidently secure containers, Kubernetes and cloud services with #SecureDevOps.
• Reporting to the CISO, you build security engineering for Sysdig, end to end, across the full code-to-cloud lifecycle. This is a senior leadership role on the Trust & Security team. You'll lead a small, high-leverage team of senior and staff security engineers. This team's technical direction will be set by you, and you'll grow it through hiring and the development of senior talent. Additionally, you'll own the security-engineering roadmap, standards, and budget. • Set functional strategy with the CISO and senior leadership. Translate security strategy into operational plans and policy, cascade it across the function, and act as the final decision-maker for security-engineering standards, tooling, and practices. • Bring an AI-first mindset to security delivery. Use AI to deliver security capabilities that help engineering build better systems and write better code. • Make AI-assisted and agent-driven development safe across the org, use AI agents to scale security work itself, and defend the AI agents and workloads we run in production as first-class attack surface — work where the problems aren't clearly defined and established principles don't fully apply. • Partner with product. Go beyond feedback, bring thoughtful, hands-on guidance to the roadmap, using new capabilities first internally, then helping mature both our core cloud defense platform and our new AI workload protection. You'll be a true product partner, not just an internal user. • Represent security with executives and customers. Engage senior leadership and major customers on security matters of significance, reconcile diverse stakeholder views to drive outcomes, and serve as a key leader within the Trust & Security function. • Turn compliance into assurance. We maintain ISO 27001, ISO 27701, and SOC 2 Type II — but that's the floor. Your aim is continuous assurance of controls that not only meet the needs of the auditor but, more importantly, protect the trust of the customer. • Model how we lead. Champion Sysdig's values — Trust in the Team, Love our Customers, Dig Deeper — and act as a change catalyst who builds a culture of trust, ownership, and continuous improvement.


