AI Security Engineer

Job description

As an AI security engineer at SentraAI, you will operate at the intersection of AI architecture, application security, and offensive security, helping enterprise organisations design, deploy, and operate AI systems that are secure by design and defensible in production.
You will work closely with AI engineers, platform teams, and security stakeholders to embed runtime guardrails, security observability, and continuous AI red-teaming into real production systems. This role is accountable for translating AI threat models into concrete engineering controls and for ensuring AI systems remain secure, auditable, and resilient as they evolve.
This is a hands-on role for practitioners who understand that AI security is an operational discipline, not a policy exercise.

About SentraAI

SentraAI is a specialist enterprise AI firm focused on helping large regulated organisations move AI and data platforms from experimentation into production safely and sustainably.
We work inside enterprise run-states where governance, operational risk, change control, and long-term ownership are integral to delivery. Our teams are trusted to design and deliver systems, platforms, and operating models that can be run, audited, and evolved, not just launched.
We prioritise engineering discipline, architectural clarity, and delivery quality over speed, theatre, or hype.

Requirements

• Guide application and platform teams on threat modelling for AI and LLM-based systems across the full lifecycle
• Develop and maintain AI-specific threat models aligned to recognised standards and regulatory expectations
• Translate threat models into explicit architectural controls, security requirements, and acceptance criteria
• Advise on secure AI design patterns including least-privilege, isolation, and human-in-the-loop safeguards

• Work closely with AI and ML engineers to ensure secure implementation of AI guardrails within application codebases
• Ensure robust input sanitisation, validation, and prompt hardening for text, document, and multimodal inputs
• Ensure output validation, redaction, and data exfiltration prevention mechanisms are correctly implemented
• Evaluate, test, and support deployment of LLM security frameworks and detection mechanisms
• Ensure security-relevant telemetry and logs are captured in line with regulatory and audit requirements

• Define and publish AI-specific security indicators for operational monitoring and alerting
• Enable real-time visibility into AI security signals such as anomalous behaviour, prompt abuse, or tool misuse
• Support downstream security operations and incident response teams with actionable AI security context

• Embed automated AI security testing into CI/CD pipelines including prompt fuzzing and regression testing
• Support and guide offensive security teams on LLM-specific attack scenarios
• Operationalise AI red-teaming tools and custom adversarial test cases
• Ensure findings feed back into guardrail tuning, detection logic, and adaptive defence mechanisms

Required qualifications

• Strong background in application development, security engineering, or platform engineering
• Practical experience working with AI-enabled applications, LLMs, or ML pipelines
• Solid grounding in application security concepts and secure software design
• Hands-on experience implementing or integrating AI guardrails, sanitisation, and runtime security controls

• Practical understanding of AI and LLM threat vectors such as prompt injection, data poisoning, tool abuse, and agent escalation
• Experience collaborating closely with AI engineers, platform teams, and offensive security practitioners
• Ability to translate security intent into concrete, testable engineering controls

• Experience with AI red-teaming tools or adversarial testing frameworks
• Familiarity with secure CI/CD and DevSecOps practices
• Experience operating in regulated or highly governed enterprise environments
• Exposure to SOC integration, detection engineering, or security observability

Benefits

• Enterprise AI done properly.
  We exist to take AI and data out of experimentation and into production environments that are regulated, scrutinised, and expected to work every day.
• Quality is not optional.
  SentraAI is built on the belief that engineering discipline, governance by design, and delivery rigour are competitive advantages, not overhead.
• Clear ownership and accountability.
  You will be trusted with real responsibility, clear mandates, and meaningful outcomes, not diluted roles or performative activity.
• Work that survives contact with reality.
  We design systems, operating models, and decisions that still stand up months and years after go-live, not just at demo time.
• Run-state matters as much as build-state.
  We optimise for operability, auditability, and change control from day one because that is where enterprise value is won or lost.
• Substance over hype.
  We deliberately avoid delivery theatre, buzzwords, and novelties for novelty’s sake. Credibility is earned through execution.
• Learn from experienced practitioners.
  You will work alongside people who have built, broken, fixed, and run enterprise systems and who care deeply about doing the work properly.
• A firm with a point of view.
  SentraAI is opinionated by design. We stand for doing fewer things better and we expect our people to take pride in that standard.

Key skills

Splunk, IDS, network security, computer networking, identity & access management, PKI, PCI, NIST standards, security system experience, information security, encryption, SIEM

Employment type

Full time

Experience

Years

Vacancy

1