Description:

Senior level individual contributor responsible for Cloud Security AI projects: assessment, design, implementation, and post-implementation review. This role requires thought leadership experience in cloud security, AI technologies and automation, in addition to technical leadership experience. The Cloud Security AI consulting director will own CNA’s overall AI Security posture on multiple cloud platforms, including GCP, Azure and more, for all AI related business cases, including LLM models’ life cycle as well as Generative AI (GenAI).

JOB DESCRIPTION:

Essential Duties & Responsibilities

(Leads and directs the work activities and has full management responsibility for the performance and development of subordinate staff in accordance with corporate strategy)

Build and own the Cloud Security AI domain roadmap – with a focal point of LLM model supply chain, runtime security, and GenAI overall security.

Own the delivery of the AI Security roadmap, which includes:

o Defining a cybersecurity framework

o Build and update relevant Technical Specifications documents and related security policies

o Builds comprehensive threat models for cloud services, providing capabilities to deploy machine learning (ML) models

o Design and implement AI-specific engineering solutions to enforce a consistent security experience at all stages of the SDLC for AI resources (including infrastructure, notebooks and models)

o Define and Measure existing security debt for AI workloads based on violations of either CNA’s standards and policies or technical specs requirements.

o Work with the appropriate internal stakeholders to ensure timely remediation of vulnerabilities and other security issues identified in local, build time and runtime environment for AI workloads.

o Build key security metrics dashboard and reports

• Direct AI and application teams with onboarding the cloud security requirements, working with vendors to troubleshoot the platform and issues related to such integrations.

• Oversee cybersecurity software engineering best practices such as unit testing, code reviews, quality engineering, supply-chain protection etc.

• Ensure appropriate security practices are communicated and implemented in the respective application security programs. Support adherence and awareness of these practices.

• Work in close partnership with the Data Security team to keep CNA’s most sensitive data secured while enabling the AI teams to build their models in an efficient but safe and scalable manner.

• Work with the Cloud Security Automation and Application Security teams to leverage automated processes to mitigate security vulnerabilities in all the relevant environments.

• Contribute to security requirements across CNA cloud applications as whole – with a focus point on AI use cases, provide guidance for infrastructure security and automation, and ensure that logical security controls are manageable and scalable.

• Stay abreast of industry trends and best practices; conduct research, tests, and execute new techniques that can be reused and applied to SDLC.

Skills:

AI, Security, LLM

Top Skills Details:

AI,Security,LLM

Additional Skills & Qualifications:

Skills, Knowledge & Abilities

Required:

• Strong oral and written communication skills in the English language to work effectively with all levels of end users and IT personnel.

• Demonstrated ability with scripting, coding, and automation (e.g., Python, shell scripting)

• Knowledge of threat modeling frameworks, such as MITRE ATT&CK/ MITRE ATLAS, etc.

• Proven track records of building CI/CD pipelines for both application and infrastructure, with a focus on security.

• Expert knowledge of Cloud Security (GCP preferred).

• Knowledge of AI/ML security standards

• Working knowledge of Generative AI technologies and their security implications for the business

Nice to have / Strong plus:

• Experience in securing a multi-cloud environment is a plus.

• Familiarity with supply-chain attacks, prompt injections, model poisoning, data leakage, inadequate sandboxing, unauthorized code executionMastery of automation tools (e.g. Concourse, Jenkins, Terraform, Ansible etc.)

• Excellent hands on experience with securing container at scale.

• Expert knowledge with one or more various Linux operating systems

• Good experience with data security at scale (BigQuery, Cloud Storage and CloudSQL experience are a strong plus)

• Good experience with AI Models managed services such as VertexAI, Azure Open AI is a strong plus

• Working Knowledge of Data Analytics technologies such as Looker, PowerBI or Tableau is a strong plus.

• Experience with Google Cloud security services such as VPC Service Control, Security Command Center, Binary Authorization, Cloud DLP etc. is a plus

• Working knowledge of industry leading security tools such as CSPM (Prisma Cloud, Wiz, Uptycs), CWPP (Prisma Defender, CrowdStrike, Tenable etc.) or Identity protection (SailPoint, CyberArk, Okta etc.) is a plus.

Education & Experience

• Bachelor's degree with Master's preferred in a related discipline, or equivalent

• Typically a minimum of 10 years of related work experience.

Experience Level:

Expert Leve

About TEKsystems:

We're partners in transformation. We help clients activate ideas and solutions to take advantage of a new world of opportunity. We are a team of 80,000 strong, working with over 6,000 clients, including 80% of the Fortune 500, across North America, Europe and Asia. As an industry leader in Full-Stack Technology Services, Talent Services, and real-world application, we work with progressive leaders to drive change. That's the power of true partnership. TEKsystems is an Allegis Group company.

The company is an equal opportunity employer and will consider all applications without regards to race, sex, age, color, religion, national origin, veteran status, disability, sexual orientation, gender identity, genetic information or any characteristic protected by law.