AI Security Engineer / Claude Engineering / Remote

A digital life insurance technology company going AI-native is hiring a contract AI Security Engineer / SME to own the security side of their LLM and agentic AI buildout. This is a remote contract role, 6+ months with a potential conversion path to full-time. The stack includes Claude (Desktop, Code, and Cowork), developer copilots, Python, Jupyter notebooks, Kubernetes, Node.js, and cloud-native infrastructure across AWS and Google Cloud Platform.

The right person for this role has spent real time securing AI systems in production, and specifically understands how tools like Claude actually behave in an enterprise environment. The company is deep into AI adoption across internal workflows and customer-facing products, and they need an engineer who can evaluate tools before they land, define controls that engineering teams can actually implement, and stay ahead of what's coming in the AI security space. You'll work directly with the AI infrastructure team and leadership, and your output needs to be concrete, not advisory memos sitting in a doc somewhere. Compliance and policy awareness matters here, but this is fundamentally an engineering role. If your reflex is to write a framework instead of a config, this isn't the right fit.

Contract Duration: 3-6 Months

Required Skills & Experience

• 5-10+ years of experience across security engineering, AI engineering, or closely adjacent fields
• Hands-on experience securing generative AI systems in production, including tools built on Claude, GPT, Gemini, or similar LLM platforms
• Deep working knowledge of how Claude products (Claude Desktop, Claude Code, Claude Cowork) are deployed and used in enterprise environments, including their data access patterns, integration points, and threat surfaces
• Ability to walk through a full Claude Desktop rollout end-to-end: access control, OAuth and scoped permissions, monitoring and logging, data exposure vectors, and governance at each layer
• Experience with AI red-teaming, prompt injection, credential leakage through AI-enabled workflows, and data exfiltration risks
• Strong foundation in application security and/or cloud security, with AWS and/or Google Cloud Platform experience
• Experience defining and implementing DLP controls in AI-enabled and cloud-native environments
• Familiarity with agentic AI risk, tools that can browse, execute code, access file systems, or call external APIs on behalf of users
• Threat modeling experience and comfort with detection engineering and SOC workflows
• Working knowledge of OAuth, modern authentication/authorization models, and least privilege access scoping
• Comfortable in Python and Jupyter notebooks for investigation and tooling
• Fluent in terminal/CLI environments and investigative workflows

Desired Skills & Experience

• Familiarity with OWASP LLM Top 10 and MITRE ATLAS applied to real deployment scenarios, not just as frameworks to cite
• Experience with AI-driven security tooling and automated GRC or compliance tooling
• Exposure to Kubernetes, containerized workloads, Node.js-based systems, and data pipeline architectures
• Ability to develop internal AI security guidelines and policies that engineers will actually use
• Certifications: CISSP, CCSP, or any emerging AI security credentials relevant to LLM/agentic environments
• Experience operating in a startup or high-growth environment with minimal process scaffolding

What You Will Be Doing

Tech Breakdown

• 35% AI/LLM tooling evaluation and security architecture (heavy Claude focus)
• 25% Hands-on controls implementation: DLP, access control, monitoring, logging, and observability across AI systems
• 20% Agentic AI security advisory, threat modeling, and red-team thinking applied to LLM deployments
• 15% Cross-functional partnership with AI infrastructure, integration, and GRC/Legal teams
• 5% Internal guideline and policy development for AI tool adoption

Daily Responsibilities

• 80% Hands On: Evaluating AI tools for enterprise security risk, implementing and documenting controls, building out monitoring and observability for LLM behavior in production, and responding to emerging gaps as new tools enter the environment
• 20% Team Collaboration: Working with AI infrastructure, integration, GRC, and leadership to align on controls, answer security questions authoritatively, and reduce ad-hoc research burden across the org