Jobs · Information Technology · Arizona

Senior AI Security and Governance Engineer

VIAVI Solutions · Chandler, AZ · 5 days ago
Information TechnologyFull-time

Duties & Responsibilities

  • Define and own VIAVI's enterprise AI governance framework, translating policy into enforceable technical controls aligned with NIST AI RMF, ISO/IEC 42001, and the EU AI Act.
  • Establish and maintain an AI risk tiering and classification system covering data sensitivity, model risk, autonomy level, and business exposure.
  • Collaborate with IT, Procurement, and Legal to operationalize an AI tool approval and onboarding process.
  • Build and operate a continuous AI discovery program to identify unsanctioned AI tools, embedded AI features in approved SaaS applications, and browser-based AI interactions across the enterprise.
  • Build and operate AI intake workflows to evaluate, approve, and track all new AI use cases, tools, models, and integrations before production deployment.
  • Partner with Legal, Privacy, and Compliance teams to define AI exception and waiver processes; support internal audits and regulatory examinations.
  • Stay ahead of emerging AI regulations and industry standards including sector-specific requirements and translate them into actionable policy and controls.
  • Lead AI-specific threat modeling across the full AI lifecycle covering prompt injection, data leakage, model poisoning, adversarial attacks, tool abuse, privilege escalation, and agentic supply-chain risks.
  • Define and enforce secure AI architecture patterns and prohibited design anti-patterns for LLM-powered applications, autonomous agents, and multi-agent workflows.
  • Partner with product and platform engineering teams to embed security controls natively into AI development pipelines (S-SDLC / Secure AI Development Lifecycle), including secure CI/CD gates, pre-production reviews, and post-deployment monitoring.
  • Design and operationalize runtime protections for AI systems including prompt injection detection, jailbreak protection, output content controls, and abuse detection for high-throughput environments.
  • Define Human-on-the-Loop (HOTL) review checkpoints for autonomous agentic workflows where high-risk decisions require human oversight before execution.
  • Design and enforce granular data access controls for AI systems, ensuring least-privilege access to tools, data sources, APIs, and enterprise platforms invoked by AI agents; enforce clear segregation of duties across agent orchestration layers.
  • Implement data usage monitoring across AI workflows to detect unauthorized data access, over-permissioned AI agents, sensitive data exposure in model inputs/outputs, and policy violations in near-real time.
  • Develop and operationalize controls to prevent data exfiltration through AI channels, including prompt-based exfiltration via LLMs, data leakage through RAG retrieval pipelines, and output exfiltration through API integrations and third-party AI services.
  • Establish AI-specific data classification policies and enforce data boundary controls, retention limits, and usage constraints for data ingested by or generated by AI systems.

Pre-Requisites / Skills / Experience Requirements

  • Minimum of a Bachelor’s (Preferred Master’s); preferably Computer Science/Computer Engineering or a related field
  • 8–12+ years in security architecture, application security, cloud security, or a closely related field
  • 3+ years of hands-on experience securing AI/ML or LLM-based systems in enterprise environments, including practical knowledge of prompt injection, data exfiltration through AI APIs, and agentic risk
  • Demonstrated experience defining and implementing AI governance frameworks (OWASP Top 10 for LLM, NIST AI RMF, ISO/IEC 42001, EU AI Act, or equivalent)
  • Strong background in threat modeling, secure design review, and risk management across complex distributed systems
  • Hands-on experience with data loss prevention (DLP), CASB, SWG, or equivalent technologies applied to AI and SaaS environments
  • Experience designing and enforcing granular access control frameworks (RBAC, ABAC) for AI agents, tools, and data pipelines
  • Strong written and verbal communication skills including executive-level reporting and the ability to translate complex AI risk into business language
  • Able to read and review code (Python, JavaScript/TypeScript, or similar) to understand AI workflows, APIs, and failure modes

Similar jobs

Senior AI Security Engineer

RelativityIllinois, United States· Yesterday
Information Technology$130k–$195k/yrapply on kcura.wd1.myworkdayjobs.com

Senior AI Security Engineer

Wilson Sonsini Goodrich & RosatiUnited States· 3 wk ago
RemoteEngineering$163k–$221k/yrapply on careers.wsgr.com