AI Incident Response Engineer

Job Description: AI Incident Response Specialist

Role Overview:

The AI Incident Response Specialist will lead investigations and remediation of AI-related security incidents, including model poisoning, adversarial attacks, and generative AI misuse. This role ensures rapid containment and recovery while maintaining compliance and governance standards.

Key Responsibilities:

• Respond to AI-specific incidents such as model theft, data poisoning, and unauthorized AI deployments.
• Execute AI-focused playbooks (e.g., "Generative Model Abuse Response," "Model Exfiltration Response").
• Analyze AI telemetry and logs to confirm incidents and assess impact.
• Coordinate containment actions, including deactivating model endpoints and revoking API keys.
• Oversee eradication steps such as removing poisoned data and retraining models.
• Document lessons learned and update AI risk mitigation procedures.
• Collaborate with Data Scientists, AI Governance Officers, and security engineers during recovery.

Required Skills & Experience:

• Proven experience in cybersecurity incident response.
• Deep understanding of AI/ML systems, pipelines, and associated risks.
• Familiarity with adversarial input detection and model integrity validation.
• Ability to work under pressure and manage high-severity incidents.

Preferred Qualifications:

• Experience with AI governance frameworks and compliance requirements.
• Knowledge of generative AI risks and mitigation strategies.

Job Description: Detection Engineering Specialist

Job Description: AI Detection Engineering Specialist

Role Overview:

The AI Detection Engineering Specialist will design and implement detection strategies specifically for AI systems and pipelines. This role focuses on identifying critical telemetry for AI models and services, ensuring proper logging, and building detection rules that initiate automated incident response workflows for AI-related threats.

Key Responsibilities:

• Identify and define essential log sources for AI environments, including model training pipelines, inference endpoints, API calls, and data ingestion points.
• Establish logging standards for AI-specific events (e.g., model updates, API token usage, prompt injection attempts, adversarial input patterns).
• Develop and tune detection rules to identify anomalies such as model drift, unauthorized access, or suspicious API activity.
• Integrate detection logic with SOAR platforms to trigger automated incident response workflows for AI incidents.
• Collaborate with AI engineering, data science, and security teams to validate detection coverage and response playbooks.
• Continuously assess AI threat landscape and update detection logic based on emerging attack techniques (e.g., model poisoning, prompt injection, data exfiltration).

Required Skills & Experience:

• Strong understanding of AI/ML systems, pipelines, and associated security risks.
• Experience with logging and telemetry for AI services (e.g., Azure ML, AWS SageMaker, custom ML pipelines).
• Hands-on experience with SIEM/SOAR platforms and detection engineering.
• Familiarity with adversarial AI techniques and detection strategies.
• Proficiency in scripting (Python) for rule development and automation.

Preferred Qualifications:

• Knowledge of AI governance frameworks and compliance requirements.
• Experience with monitoring and securing generative AI models and APIs.