Summary: The AI Security Engineer (GRC) is a specialized role focused on integrating artificial intelligence within cybersecurity frameworks in a healthcare setting. This position involves evaluating AI technologies, ensuring compliance with security standards, and providing guidance to development teams on secure AI implementations. The engineer acts as a trusted advisor, facilitating responsible AI adoption while adhering to regulatory requirements. The role requires a deep understanding of AI security risks and the ability to manage vendor assessments and compliance initiatives.
Key Responsibilities:
- Lead structured security assessments of AI vendors, platforms, and tools prior to organizational adoption or renewal
- Evaluate vendor data handling practices, model training transparency and data residency
- Assess the security posture of AI platforms including Microsoft Copilot Studio, Azure AI Foundry, Snowflake Cortex, Claude Code, and others
- Produce written Vendor Security Assessment Reports (VSARs) including risk ratings, compensating controls, and recommendations
- Maintain an AI technology registry with risk classifications and review cadence schedules
- Serve as the embedded security advisor to software engineering, data science, and clinical informatics teams adopting AI tooling
- Define and enforce secure-by-default configurations for AI development environments and agentic systems
- Conduct secure code review for AI integration code with focus on prompt injection, insecure deserialization, and unsafe agentic action chains
- Maintain the organization's AI Risk Register aligned with NIST AI RMF
- Ensure AI deployments comply with HIPAA Security Rule and applicable state privacy laws
- Conduct AI-specific Threat Modeling and red-team exercises targeting various attack scenarios
- Review AI integration architectures for network segmentation, data flow, and trust boundary enforcement
- Develop AI security training curricula for developers, data engineers, clinical staff, and IT personnel
- Author and maintain AI security policies including Acceptable Use of Generative AI and Sensitive Data Handling in AI Contexts
Key Skills:
- Bachelor's degree in Cybersecurity, Computer Science, Information Systems, or a closely related field
- Master's degree preferred; equivalent professional experience considered
- 7+ years of progressive experience in information security, with a minimum of 2 years focused on AI/ML security
- Demonstrated hands-on experience with AI platforms such as Copilot Studio, Azure AI Foundry, Claude / Anthropic APIs, and others
- Experience working in a HIPAA-regulated environment; healthcare industry background strongly preferred
- Proven track record conducting vendor risk assessments and producing executive-level risk documentation
- Deep understanding of LLM attack surface and AI red-teaming methodologies
- Knowledge of OWASP Top 10 for LLM Applications and AI model lifecycle risks
- Ability to audit and secure Model Context Protocol (MCP) server implementations
- Strong grounding in identity and access management and API security
- Thorough understanding of HIPAA Security Rule requirements and NIST AI Risk Management Framework
- Familiarity with EU AI Act classifications and their implications for healthcare AI systems
Salary (Rate): £50 - £60 hourly
City: undetermined
Country: undetermined
Working Arrangements: remote
IR35 Status: undetermined
Seniority Level: undetermined
Industry: IT
The Job
The AI Security Engineer (GRC) serves as the organization's dedicated subject matter expert at the intersection of artificial intelligence and cybersecurity within a regulated healthcare environment. This role is responsible for evaluating AI vendors and technologies, establishing and enforcing secure AI implementation standards, and providing hands-on guidance to development and engineering teams adopting AI platforms such as Microsoft Copilot Studio, Azure AI Foundry, Snowflake Cortex, Claude Code, and other large language model (LLM)-powered tooling.
Operating within the HIPAA-regulated landscape, this analyst will ensure AI integrations including Model Context Protocol (MCP) servers, agentic workflows, command-line interfaces (CLIs), APIs, and third-party AI extensions are architected and deployed in a manner consistent with NIST AI RMF, HITRUST, and organizational security policies. The role acts as a trusted advisor, security gatekeeper, and enabler for responsible AI adoption across the enterprise.
You Will
1. AI Vendor & Technology Evaluation
- Lead structured security assessments of AI vendors, platforms, and tools prior to organizational adoption or renewal
- Evaluate vendor data handling practices, model training transparency and data residency
- Assess the security posture of AI platforms including:
- Microsoft Copilot Studio plugin trust boundaries, connector authentication, Power Platform DLP policies
- Azure AI Foundry model deployment pipelines, private endpoint configuration, managed identity usage
- Snowflake Cortex data access controls in AI-generated SQL, Snowpark security, role-based privilege enforcement, Cortex function access policies, and query result exposure risks
- Claude Code & Anthropic APIs system prompt injection risks, tool use / agentic permissions, data retention settings
- GitHub Copilot, Cursor, and other AI-assisted development tools code telemetry and secret leakage exposure
- Produce written Vendor Security Assessment Reports (VSARs) including risk ratings, compensating controls, and recommendations
- Maintain an AI technology registry with risk classifications and review cadence schedules
2. Secure AI Implementation Guidance for Development Teams
- Serve as the embedded security advisor to software engineering, data science, and clinical informatics teams adopting AI tooling
- Define and enforce secure-by-default configurations for AI development environments and agentic systems
- Review and approve MCP server configurations, ensuring:
- Tool definitions follow least-privilege principles no excessive file system, network, or shell access
- Server authentication uses OAuth 2.0 / mTLS and does not rely on static API keys stored in plaintext
- Transport layer security (TLS 1.2+) is enforced on all MCP server communications
- Prompt injection attack surfaces are identified and mitigated in tool descriptions and system prompts
- Logging and audit trails are enabled for all MCP tool invocations touching PHI or sensitive data
- Establish CLI security standards for AI-assisted development tools (Claude Code CLI, GitHub Copilot CLI, Azure Developer CLI), including credential hygiene, shell history scrubbing, and token scope minimization
- Conduct secure code review for AI integration code with focus on prompt injection, insecure deserialization, and unsafe agentic action chains
- Develop and maintain a library of reference architectures, secure configuration templates, and implementation checklists for approved AI platforms
3. AI Risk Management & Compliance
- Maintain the organization's AI Risk Register aligned with NIST AI RMF (Govern, Map, Measure, Manage)
- Ensure AI deployments comply with HIPAA Security Rule (45 CFR 164), HITECH Act obligations, and applicable state privacy laws
- Conduct AI-specific Threat Modeling (STRIDE / PASTA) and red-team exercises targeting:
- Prompt injection and jailbreak scenarios
- Indirect prompt injection via external data sources (email, documents, web retrieval)
- Model inversion and membership inference attacks on fine-tuned healthcare models
- Data exfiltration through agentic tool chains
- Track emerging AI threats and threat actor TTPs relevant to healthcare AI systems via MITRE ATLAS and sector ISACs
- Participate in AI governance committee meetings and contribute AI security perspectives to organizational AI policies
4. Security Integration Reviews
- Review AI integration architectures for network segmentation, data flow, and trust boundary enforcement
- Validate that PHI is never transmitted to external AI models without de-identification or explicit BAA coverage
- Assess retrieval-augmented generation (RAG) architectures for unauthorized data access and embedding extraction risks
- Evaluate agentic AI workflows and multi-agent orchestration systems for privilege escalation and uncontrolled action chains
- Provide security sign-off on AI infrastructure as part of the Change Advisory Board (CAB) process
5. Training, Awareness & Policy
- Develop AI security training curricula for developers, data engineers, clinical staff, and IT personnel
- Author and maintain AI security policies including: Acceptable Use of Generative AI, AI Vendor Onboarding Standards, MCP and Agentic System Security Policy, and Sensitive Data Handling in AI Contexts
- Publish internal guidance and threat intelligence briefings tailored to clinical and technical audiences
Your Qualifications
- Bachelor s degree in Cybersecurity, Computer Science, Information Systems, or a closely related field
- Master s degree preferred; equivalent professional experience considered
- 7+ years of progressive experience in information security, with a minimum of 2 years focused on AI/ML security or applied AI technology evaluation
- Demonstrated hands-on experience with one or more of the following: Copilot Studio, Azure AI Foundry, Claude / Anthropic APIs, OpenAI API, GitHub Copilot, or LLM agentic frameworks (LangChain, AutoGen, Semantic Kernel)
- Experience working in a HIPAA-regulated environment; healthcare industry background strongly preferred
- Proven track record conducting vendor risk assessments and producing executive-level risk documentation
- Deep understanding of LLM attack surface: prompt injection, indirect prompt injection, system prompt extraction, and model manipulation
- Familiarity with AI red-teaming methodologies and tools (Garak, PyRIT, PromptBench)
- Knowledge of OWASP Top 10 for LLM Applications
- Understanding of AI model lifecycle risks: training data poisoning, supply chain risks in model registries (Hugging Face, Azure Model Catalog)
- Ability to audit and secure Model Context Protocol (MCP) server implementations including:
- Reviewing tool definitions and permissions for least-privilege violations
- Validating authentication mechanisms (no hardcoded credentials, proper token scoping)
- Assessing stdio vs. SSE transport security implications
- Identifying SSRF and command injection risks in custom MCP tool implementations
- Experience securing AI CLIs including credential storage, environment variable exposure, and shell integration risks
- Knowledge of agentic permission models understanding when AI agents should require human-in-the-loop approval
- Ability to evaluate multi-step AI workflow chains for unintended capability escalation
- Microsoft Copilot Studio: Plugin manifest security review, connector authentication, sensitivity label enforcement
- Azure AI Foundry: Managed identity configuration, private endpoints, content filtering policy management, model deployment governance
- Snowflake Cortex: Securing AI-generated SQL and Cortex LLM functions, Snowpark container security, column-level data masking, network policy enforcement, and OAuth integration for service accounts
- Claude Code: System prompt construction, tool-use permission hardening, CLI credential isolation, API key scoping
- GitHub Copilot Enterprise: Telemetry settings, suggestion filtering for secrets, IDE extension trust policies
- Strong grounding in identity and access management OAuth 2.0, OIDC, SAML, managed identities, workload identity federation
- API security: authentication schemes, rate limiting, input validation, and output sanitization for AI endpoints
- Network security: micro-segmentation, private endpoints, WAF configuration for AI service ingress
- SIEM/SOAR integration for AI audit log ingestion, anomaly detection, and automated response
- Threat modeling methodologies: STRIDE, PASTA, and application of MITRE ATT&CK and ATLAS frameworks
- Thorough understanding of HIPAA Security Rule requirements and how they apply to AI data processing pipelines
- Experience with HITRUST CSF controls relevant to AI and cloud-based processing of ePHI
- Practical knowledge of NIST AI Risk Management Framework (AI RMF) Govern, Map, Measure, Manage functions
- Familiarity with EU AI Act classifications and their implications for healthcare AI systems (high-risk AI designation)
- Experience reviewing BAAs and DPAs for AI vendor engagements