Remote: Contract Role: Security Engineer - LLM SecOps (Travel Needed)

Security Engineer — LLM SecOps (Contract)

Join a Product Security Engineering team within a leading US-based fintech organization. You’ll specialize in LLM SecOps, partnering with engineering teams to design and implement security controls for AI inference pipelines in a regulated environment.

Responsibilities

• Design and implement guardrails to secure LLM inputs and outputs in production
• Secure RAG pipelines, including vector databases and embedding workflows
• Build runtime monitoring for AI systems (prompt logging, context analysis, response validation)
• Secure LLM API endpoints with authentication, rate limiting, and abuse prevention
• Detect and respond to AI security incidents using structured RCA (Root Cause Analysis)
• Manage AI supply chain risks (third-party models, APIs, plugin integrations)
• Collaborate with Product Security, Machine Learning Engineering, and Platform teams

Required Qualifications

• LLM security experience: prompt injection defense, jailbreak detection, output filtering
• Familiarity with OWASP Top 10 for LLM Applications
• Data/RAG security: vector database security and embedding pipeline protection; multi-tenant data isolation and PII protection
• Monitoring & incident response: logging, anomaly detection, SIEM integration, and strong incident response/RCA practices
• Cloud & infrastructure: hands-on AWS experience; Kubernetes security, container isolation, and IAM/RBAC
• API security: OAuth, JWT, and rate limiting techniques
• Strong engineering proficiency in Python for automation and security tooling

Technology Environment (as described)

• AWS: EKS, Aurora MySQL
• Apache Spark
• Backend: Python, Kotlin
• Frontend: JavaScript, TypeScript, React/React Native
• Security/Operations: mTLS, CDN/Edge Security, SLI/SLO frameworks, RCA practices

Location / Travel

• Hybrid: mostly remote, with ability to travel to California or New York when needed.