AI Data Protection & Compliance Engineer

The AI Data Protection and Compliance Engineer will design implement and manage AI-specific data protection strategies by defining the security architecture and applying security best practices policies and controls in collaboration with data scientists developers and security staff. As part of the AI data protection strategy the engineer will lead efforts to safeguard sensitive data across AI models agents and user interfaces by implementing robust classification segregation and access control mechanisms.

The engineer will tune DLP policies for AI environments ensuring proper governance and security of both inputs and outputs including LLM and ML training data. The engineer will be responsible for deploying and managing protective tools across cloud platforms such as AWS Azure and GCP to mitigate advanced threats like model poisoning and data exfiltration. The engineer will support audits monitor evolving AI risks and help maintain a secure operational environment in line with regulatory and contractual obligations.

Key Responsibilities

As part of the data protection strategy the engineer will:

• Implement data classification segregation access controls and other appropriate controls to the inputs and outputs and models throughout the application including AI models agents UIs and LLM and ML training and tuning data.
• Develop and tune DLP policies specifically for AI environments to ensure all sensitive data is accurately tracked managed and protected.
• Establish access controls limitations and guardrails on usage and prompts for AI inputs and APIs and ensure proper access controls on APIs and processing pipelines and segregation of data.
• Ensure that the appropriate data protection tools are deployed and operating in cloud environments including AWS Azure and GCP to protect AI systems against potential threats such as those in the OWASP AI Top Ten including supply chain and model poisoning threats and attempts to access modify and exfiltrate confidential information.
• Assess and improve AI data protection controls to meet evolving technology and business requirements.
• Support audit and compliance processes by providing necessary documentation and metrics related to AI data protection practices.
• Work with development and compliance teams to ensure secure and compliant AI development throughout the product lifecycle to meet customer regulatory and contractual obligations.
• Maintain current knowledge of AI risks threats and AI testing tools and techniques.
• Perform other duties to support the technical and operational security of the organization as required.

Qualifications

• Bachelors degree in an IT related field or equivalent experience and 3-5 years of experience in working in data protection or developing solutions incorporating ML/LLM solutions.
• Desired certifications one or more of the following: CISSP (Certified Information Systems Security Professional) Certified Information Security Manager (CISM) SSCP (Systems Security Certified Practitioner) CCSP (Certified Cloud Security Professional) or CompTIA Security.
• Strong knowledge of data protection principles particularly in AI and generative AI systems including DLP and data classification.
• Understanding of Application Security and Data Security for applications and AI such as the OWASP Top 10 and the OWASP Top 10 for Generative AI.
• Proficiency in and strong working knowledge of AI technologies and models such as Llama and ChatGPT.
• Experience and understanding of threats and risks related to web applications and APIs particularly with AI based applications.
• Experience deploying AI models and solutions in production environments.
• Experience with cloud technologies such as AWS Azure GCP Docker Kubernetes and infrastructure as code such as Terraform.
• General knowledge of security implications of threats and vulnerabilities related to networks servers operating systems applications and databases.
• Flexibility to work off-hours to support global project teams and maintenance windows.

Competencies

• Exceptional analytical skills with the ability to communicate complex ideas clearly and effectively to varied audiences.
• Strong problem-solving skills and attention to detail.
• Organization Time Management & Prioritization - Self-starter that focuses on key priorities; plans organizes schedules and executes tasks and projects in an efficient and productive manner.
• Ability to form productive relationships across the organization to accomplish information security objectives.
• Ability and willingness to learn all aspects of the information security field.
• Professional verbal and written communication skills in English.
• Expresses ideas using clear effective and efficient language. Listens patiently and attentively. Adapts to the purpose of the communication with appropriate style substance detail confidence and channel. Possess the ability to manage multiple channels of communication simultaneously; phone email tickets and chat.

Nextiva DNA (Core Competencies)

Nextivas most successful team members share common traits and behaviors:

• Drives Results:Action-oriented with a passion for solving problems. They bring clarity and simplicity to ambiguous situations challenge the status quo and ask what can be done differently. They lead and drive change celebrating success to build more success.
• Critical Thinker: Understands the why and identifies key drivers learning from the past. They are fact-based and data-driven forward-thinking and see problems a few steps ahead. They provide options recommendations and actions understanding risks and dependencies.
• Right Attitude: They are team-oriented collaborative competitive and hate losing. They are resilient able to bounce back from setbacks zoom in and out and get in the trenches to help solve important problems. They cultivate a culture of service learning support and respect caring for customers and teams.

Total Rewards

Our Total Rewards offerings are designed to allow our employees to take care of themselves and their families so they can be their best in and out of the office.

Our compensation packages are tailored to each role and candidates qualifications. We consider a wide range of factors including skills experience training and certifications when determining compensation. We aim to offer competitive salaries or wages that reflect the value you bring to our team. Depending on the position compensation may include base salary and/or hourly wages incentives or bonuses.

• Medical - Medical insurance coverage is available for employees their spouse and up to two dependent children with a limit of 500000 INR as well as their parents or in-laws for up to 300000 INR. This comprehensive coverage ensures that essential healthcare needs are met for the entire family unit providing peace of mind and security in times of medical necessity.
• Group Term & Group Personal Accident Insurance - Provides insurance coverage against the risk of death / injury during the policy period sustained due to an accident caused by violent visible & external means.
  • Coverage Type - Employee Only
  • Sum Insured - 3 times of annual CTC with minimum cap of INR
  • Free Cover Limit - 1.5 Crore
• Work-Life Balance - 15 days of Privilege leaves per calendar year 6 days of Paid Sick leave per calendar year 6 days of Casual leave per calendar year. Paid 26 weeks of Maternity leaves 1 week of Paternity leave a day off on your Birthday and paid holidays
• Financial Security - Provident Fund & Gratuity
• Wellness - Employee Assistance Program and comprehensive wellness initiatives
• Growth - Access to ongoing learning and development opportunities and career advancement

At Nextiva were committed to supporting our employees health well-being and professional growth. Join us and build a rewarding career!

Established in 2008 and headquartered in Scottsdale Arizona Nextiva secured $200M from Goldman Sachs in late 2021 valuing the company at $ check out whats going on at Nextiva check us out on Instagram Instagram (MX) YouTube LinkedIn and the Nextiva blog.

#LI-RQ1 #LI-HYBRID