Security Engineer AI

Location: Remote within contiguous United States

Hiring Range: This position’s hiring range is anticipated to be $105k to $130k annually, depending on experience, plus great benefits!

Position Summary: The Security Engineer AI is responsible for implementing and operating security controls across enterprise cloud platforms, SaaS applications, and AI-enabled tools, with a particular focus on Cloud Applications security, Microsoft Copilot, Office 365 and custom AI integrations. This is a security engineering role focused on AI security and Cloud AI infrastructure.

This role is part of the core security engineering team and contributes broadly to enterprise security efforts, while maintaining a focused responsibility for AI platform security, SaaS security posture, and cloud identity and access management. The position combines hands-on technical work with cross-functional collaboration across IT, cloud, and application teams to ensure AI and cloud technologies are used securely and in accordance with enterprise security standards.

Culture Statement and Responsibility: We believe in treating everyone with kindness and compassion, building trust through authenticity and following through on commitments. We prioritize well-being alongside our mission, fostering strong relationships through open communication and transparent feedback. Diversity and inclusion are integral to our culture, enriching team dynamics by valuing diverse perspectives. Each team member is responsible for creating an inclusive environment where all voices are respected and contributing to a workplace that embodies our shared values and commitment to progress. By consistently aligning our actions with our Guiding Principles, we strengthen our culture and ensure that our values are lived every day.

Essential Duties and Responsibilities:

Treat people around you with Kindness and Compassion, build trust by demonstrating authenticity and following through on your commitments, prioritize your well-being like you do our mission, and work to build strong relationships with your colleagues by participating in communication loops to share and receive honest feedback. You are responsible and accountable for the culture you add to your team dynamic.

AI & Platform Security

• Implement and maintain security controls for enterprise AI tools, including Microsoft Copilot and other AI-enabled SaaS platforms. 
• Support the secure onboarding, configuration, and monitoring of AI features and other enterprise SaaS platforms. 
• Enforce data access boundaries and usage restrictions for AI tools based on data classification and identity. 
• Assist in reviewing custom AI use cases and integrations for security risks, including data exposure through prompts or outputs, improper access to sensitive information, and misuse of AI-driven automation. 
• Design, review, and enforce security controls for enterprise AI platforms, including productivity copilots, internal large language models (LLMs), and third-party AI services. 
• Partner with security engineering and cloud teams to secure AI infrastructure. 
• Participate in architecture and security design reviews for AI-enabled systems prior to production deployment, ensuring appropriate guardrails for data exposure. 
• Support secure configuration for AI agent usage and implement monitoring and audit logging for AI interactions and tool usage. 
• Design and implement security controls for AI systems leveraging the Model Context Protocol (MCP). 
• Enforce least-privilege access for AI agents interacting with tools, APIs, and data sources. 
• Secure AI data flows, including retrieval-augmented generation (RAG) pipelines. 
• Expand logging and monitoring for AI platforms, cloud environments, and SaaS activity. 
• Participate in incident response efforts by investigating security alerts and supporting response to incidents involving cloud, SaaS, and AI tools. 
• Assist in developing and maintaining runbooks and response procedures for platform-related incidents.

Cloud Security

• Partner with engineering teams to embed security into AI platform architectures. 
• Support and assist with security reviews of cloud-hosted applications and services and overall application security. 
• Support identity and access management controls across Cloud platforms, SaaS applications, AI tools and integrations. 
• Implement and maintain, Role based access controls (RBAC), Least privilege access models, Conditional access and MFA policies. 
• Assist with access reviews and security remediation efforts.

Security Standards & Collaboration

• Contribute to the development and maintenance of security standards and technical guidelines. Providing security input to IT, Cloud, and Application teams during solution design and implementation. 
• Document configurations, processes, and operational procedures related to security controls. 
• Provide practical, security focused guidance to engineering, IT, and business teams on safe AI usage.

Skills and Experience:

• 4-6 years of experience in security engineering, cloud security, or infrastructure security. 
• 3-4 years hands‑on experience with cloud platforms such as AWS, Azure and Office 365. 
• Experience integrating security monitoring with observability data to detect misuse, data exfiltration, prompt injection, and adversarial AI behaviors. 
• Working knowledge of identity and access management concepts and controls. 
• Familiarity with AI enabled tools, platforms and their associated security considerations. 
• Experience with Microsoft security tooling (e.g., Entra ID, Purview). 
• Experience with Microsoft Copilot or other enterprise AI tools.

Preferred Qualifications

• Experience with data protection, DLP, and information classification. 
• Experience securing enterprise AI platforms (e.g., Microsoft Copilot, ChatGPT Enterprise, Claude, and internal LLMs). 
• Experience in AI risk management initiatives that provide observability data to ensure compliance and safe usage of AI systems. 
• Familiarity with AI related risk frameworks (e.g., OWASP Top 10 for LLMs, NIST AI Risk Management Framework).

Physical Requirements

• Able to work at a computer for extended periods of time with repetitive typing, arm and hand motion. 
• Some light travel required – up to 5%.

Thank you for your interest in pursuing a career at Best Friends Animal Society. Best Friends Animal Society is an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to their race, color, religion, ancestry, national origin, sex, sexual orientation, age, disability, marital status, or domestic partner status.

Applicants for employment in the U.S. must have valid work authorization that does not now and/or will not in the future require sponsorship of a visa for employment authorization in the U.S. by Best Friends Animal Society.