Join a high-performing team shaping the future of AI security at a global leader. Make a real impact by delivering secure, innovative solutions.
As a Lead Security Engineer at JPMorgan Chase within the Cybersecurity & Technology Controls for AI/ML team, you play a pivotal role in delivering secure software solutions that prevent misuse and malicious behavior. You are responsible for implementing tamper-proof, audit-defensible methods across multiple technical areas and business functions. You collaborate closely with stakeholders to ensure adversarial resilience and drive alignment on AI risk mitigation priorities. You help foster a culture of innovation and security within a diverse, cross-functional team.
Job responsibilities
- Develop and enhance security strategies, red teaming programs, and solution designs, troubleshooting technical issues and creating scalable solutions
- Design secure, high-quality AI and software architectures, reviewing and challenging designs and code to ensure adversarial resilience
- Reduce AI and LLM security vulnerabilities by adhering to industry standards and emerging AI safety research, evolving policies, testing protocols, and controls
- Collaborate with stakeholders across product, data science, cyber, legal, and risk to understand AI use cases and recommend modifications during periods of heightened vulnerability or regulatory change
- Conduct discovery, threat modeling, and adversarial testing on generative AI, RAG pipelines, and ML systems to identify vulnerabilities such as prompt injection, jailbreaking, and data poisoning
- Define and implement AI red teaming methodologies, playbooks, and success metrics, establishing mechanisms for continuous testing and safe rollout of new AI models and features
- Collaborate within a cross-functional team to develop relationships, influence senior stakeholders, and drive alignment on AI risk tolerance and mitigation priorities
Required qualifications, capabilities and skills
- Formal training or certification on security engineering concepts and 3+ years applied experience
- Experience with threat modeling, discovery, vulnerability, and penetration testing (e.g., MITRE ATLAS, OWASP Top 10 for LLMs) and foundational cybersecurity concepts such as IAM, Authentication, OIDC, SAML
- Practical experience with Infrastructure as Code (IaC) solutions like Terraform and CloudFormation
- Proficiency in Python scripting
- Strong understanding of AI/ML concepts and trends, with knowledge of AI red teaming foundational concepts to design and implement exercises for complex AI architectures
- Ability to conceptualize, design, validate, and communicate creative technical solutions to enterprise-level security problems, including building internal tools, dashboards, and automation for red teaming activities
Preferred qualifications, capabilities and skills
- Expertise in planning, designing, and implementing AI red teaming exercises and enterprise-level security solutions for generative AI, LLMs, and ML systems
- Experience with specialized AI security/red teaming tools and frameworks (e.g., PyRIT, Garak, custom LLM evaluation harnesses) and contributions to AI security or open-source security projects
