Principal Security Engineer, GenAI and Emerging Tech

Role Overview: Principal Security Engineer, GenAI and Emerging Tech

The Hartford’s Information Protection (THIP) organization is seeking a talented Principal Security Engineer to join a high-performing team focused on designing, implementing, and maintaining modernized and advanced information security capabilities. This essential leadership position reports directly to the Chief Information Security Officer (CISO) and partners closely with other technology leaders to help shape future security practices. We are looking for a strong technical leader who is adept at charting future direction, passionate about security, and committed to driving innovative solutions, particularly within the realm of AI and Generative AI.

Key Responsibilities

• Partner with key stakeholders and technology partners to provide leadership direction and support for the company’s continued GenAI priorities, ensuring a security perspective that balances business imperatives and delivery timeframes.
• Design and develop architectures, frameworks, and requirements for the secure consumption of AI / GenAI capabilities across various patterns and usages, including internally maintained models and Software as a Service (SaaS) solutions.
• Perform threat modeling and risk assessments against GenAI use cases, recommending security requirements, and monitoring adherence with guidance.
• Work with development teams, data scientists, and security professionals to design and implement security measures that protect AI models against various threats and vulnerabilities, including prompt injections, inference attacks, data poisoning, and model thefts.
• Represent the organization in leadership discussions, risk governance councils, and various AI / GenAI working teams.
• Lead the cybersecurity team’s efforts to continuously monitor, assess, and evaluate emerging security technologies, partnering with the enterprise Innovation team to proactively identify and recommend potential new capabilities.

Qualifications

• 5+ years’ experience as a security professional with a focus on Security Architecture responsibilities related to cloud security, threat modeling, identity and management and authentication, network security, software engineering, cryptography, penetration testing, mobile security, and/or infrastructure services.
• AI/ML Security Leadership: Proven expertise in securing Generative AI systems, with successful implementation of AI security frameworks.
• Generative AI & LLMs: Hands-on experience leading AI/ML initiatives using large language models (LLMs) and platforms such as GCP Vertex AI, AWS Bedrock, SageMaker, ChatGPT, etc.
• Cross-Platform AI Security: Deep knowledge of securing AI applications and platform products across major cloud providers (AWS, GCP, Microsoft Azure) and AI ecosystems, including CoPilot and other enterprise-grade LLMs.
• Cloud Security Engineering: Experience designing and deploying robust cloud security architectures for AI/ML workloads across AWS and Google Cloud.
• Threat Modeling & Risk Mitigation: Subject matter expert in identifying and mitigating AI-specific attack surfaces and threats.
• End-to-End AI Security Strategy: Demonstrated ability to lead the development and execution of comprehensive AI/ML security strategies, integrating secure model development, deployment, and monitoring practices.
• Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM), and/or Cloud and AI-specific certifications are highly desirable.

Work Arrangement

This role can have a Hybrid or Remote work schedule. Candidates living near one of our office locations (Hartford, CT, Charlotte, NC, Columbus, OH or Chicago, IL) will work in an office 3 days a week (Tuesday through Thursday). Remote candidates will have the expectation of coming into an office as business needs arise.

Compensation

The annualized base pay range for this role is: $149,360 - $224,040. Actual base pay may vary based on performance, proficiency, and demonstration of competencies. Other rewards may include short-term or annual bonuses, long-term incentives, and on-the-spot recognition.

Key skills/competency

• GenAI Security
• AI/ML Security Frameworks
• Large Language Models (LLMs)
• Cloud Security Architecture
• Threat Modeling
• Risk Assessment
• SaaS Security
• Identity and Access Management
• Cybersecurity Leadership
• Emerging Technologies