Junior AI Security Engineer

Haddad Brands is growing their security team and looking for a Junior AI Security Engineer to help ensure the security of AI solutions used and built by the company. The role involves working alongside experienced network and security engineers and reporting to the Cyber Security Director.

• Strong understanding of core security concepts including CIA triad, threat modeling, and risk analysis.
• Ability to identify and assess common attack vectors, including familiarity with the OWASP Top 10.
• Understanding of firewalls, IDS, and IPS functionality.
• Knowledge of security frameworks and standards.
• Familiarity with authentication, encryption, and secure coding practices.
• Basic knowledge of networking including TCP/IP, static and dynamic routing.
• Basic ability to read and interpret network traffic conceptually.
• Basic understanding of machine learning models and their deployment.
• Professional proficiency in English, both written and spoken.

Nice to have:

• Awareness of AI-specific security risks like prompt injection, adversarial ML, or model inversion.
• Hands-on experience with security tools such as Nessus or Wireshark.
• Relevant certifications like CompTIA Security+, CEH, or equivalent practical knowledge.
• Exposure to cloud platforms such as AWS, Azure, or GCP.

• Reviewing AI tools and systems to assess security risks.
• Running security assessments on AI/ML pipelines, APIs, and data flows.
• Considering AI-specific threats such as data poisoning, model manipulation, and adversarial inputs.
• Documenting and communicating findings to both technical and non-technical stakeholders.
• Collaborating daily with network and security engineers on reviews and security projects.
• Staying updated on emerging threats, vulnerabilities, and developments in AI security.
• Contributing to internal security checklists and guidelines for AI security practice.
• Supporting other teams in adopting and implementing AI solutions safely and practically.
• Publishing and maintaining cybersecurity training content via the company’s training platform.