AI Security Engineer || Northern Trust

Hi Team

Please work on below Requirement

Title: AI Security Engineer

Client: Northern Trust

Job ID: 145592

Duration: 8 Months

Location: Chicago IL

Bill rate: $90 - $100

Pay rate: $71 to $78 on W2 and $76 to $83 on C2C if they are okay to be presented on W2

Position:1

Slots:2

Summary:

Job Description:

Requirements:

• Bachelors degree
• 7 yrs of cybersecurity
• Strong IAM experience
• Entra ID
• Microsoft Azure Cloud experience highly preferred
• Professional AI experience (1-3 yrs of experience)

Job Duties:

• Lead the design assessment and governance of security controls for AI and machine learning systems across the enterprise
• Ensuring that AI workloads-including large language models agentic frameworks and ML pipelines-are deployed securely within a complex regulated environment
• Some level of architecture
• Policy design

Education:

• Bachelors degree

Preferred Certifications:

• CISSP CCSP CISM Azure Security Engineer Associate or AI-specific credentials

Required Qualifications:

• Security Architecture & Engineering:
• 7 years of experience in cybersecurity with at least 3 years focused on security architecture or engineering
• Demonstrated ability to design end-to-end security architectures for cloud-native and hybrid enterprise environments
• Strong working knowledge of network security application security data protection and zero-trust principles
• Identity Authentication & Access Management (IAA/IAM):
• Hands-on experience designing and implementing IAM solutions in enterprise environments (e.g. Entra ID / Azure AD Okta Ping AWS IAM)
• Deep understanding of authentication and authorization protocols: OAuth 2.0 OIDC SAML SCIM and token-based flows (including on-behalf-of and client credential grants)
• Experience with service identity management managed identities workload identity federation and privileged access governance for non-human actors
• AI / Machine Learning Security:
• 1-3 years of demonstrated experience working with AI/ML systems in a security governance or engineering capacity. This is calibrated to the maturity of the enterprise AI space-we recognize the field is young and value depth of engagement over length of tenure
• Practical understanding of LLM deployment patterns agentic AI frameworks (e.g. LangChain LangGraph) and the security risks they introduce
• Familiarity with AI-specific threat vectors: prompt injection training data poisoning model inversion tool/plugin abuse and supply chain risks in model and connector ecosystems
• Exposure to AI governance frameworks and standards: NIST AI RMF EU AI Act OWASP AI Top 10 MITRE ATLAS
• Communication & Stakeholder Engagement:
• Excellent written and verbal communication skills with a proven ability to translate complex technical security concepts into business-relevant language for executive and non-technical audiences
• Experience authoring formal security documentation: architecture decision records risk assessments implementation guides and policy documents
• Demonstrated ability to influence cross-functional teams facilitate architecture review boards and present security recommendations with clarity and confidence

Preferred Qualifications:

• Experience in financial services healthcare or other heavily regulated industries with multi-jurisdictional compliance requirements (e.g. SOX GDPR MiFID II SR 11-7)
• Hands-on experience with Microsoft Azure and M365 security ecosystems including Entra ID Azure AI Foundry Copilot Studio Defender for Cloud and Purview
• Familiarity with API gateway security patterns for AI services (e.g. Azure APIM Kong Cloudflare AI Gateway)
• Knowledge of model security scanning container security for ML workloads and secure MLOps pipeline design
• Experience evaluating or implementing Model Context Protocol (MCP) security controls
• Background in contributing to security communities of practice mentoring junior engineers or publishing security research

AI Security Engineer Summary:

• We are seeking an experienced AI Security Engineer to lead the design assessment and governance of security controls for AI and machine learning systems across the enterprise
• This role sits at the intersection of cybersecurity architecture identity and access management (IAM) and emerging AI/ML technologies
• You will be responsible for ensuring that AI workloads-including large language models agentic frameworks and ML pipelines-are deployed securely within a complex regulated environment
• The ideal candidate combines deep security architecture expertise with practical hands-on experience in AI systems
• Given that enterprise AI adoption is still a rapidly evolving discipline we value demonstrated engagement with AI security concepts and tooling proportional to the maturity of the field
• Job Responsibilities:
• Design and implement security architectures for AI/ML platforms including model hosting environments inference endpoints training pipelines and agentic AI systems
• Develop and enforce identity authentication and authorization (IAA) frameworks for AI workloads ensuring least-privilege access service identity governance and secure token flows (e.g. OAuth 2.0 OBO managed identities)
• Lead threat modeling and risk assessments for AI deployments leveraging frameworks such as OWASP AI Top 10 MITRE ATLAS and NIST AI RMF
• Evaluate and harden AI supply chain components including model registries MCP servers API gateways and third-party integrations
• Define IAM policies and role-based access controls for AI development and production environments across cloud platforms (Azure AWS or GCP)
• Collaborate with data science platform engineering and compliance teams to embed security guardrails into the AI development lifecycle without impeding velocity
• Author security architecture documents threat and risk assessments tactical exception requests and developer implementation guides for AI-related initiatives
• Monitor the evolving AI threat landscape-including prompt injection tool poisoning data exfiltration via agentic workflows and model manipulation-and translate findings into actionable controls
• Present technical security findings risk postures and architectural recommendations to senior leadership governance boards and cross-functional stakeholders in clear accessible language
• Contribute to enterprise security standards and policies governing AI adoption including acceptable use data handling and model governance