Note: The job is a remote job and is open to candidates in USA. VIAVI Solutions is a global provider of network test, monitoring and assurance solutions. They are seeking a Senior AI Security & Governance Engineer to lead the company's strategy for securing AI technologies across the enterprise, focusing on AI compliance, security, and data protection.
Responsibilities
- Define and own VIAVI's enterprise AI governance framework, translating policy into enforceable technical controls aligned with NIST AI RMF, ISO/IEC 42001, and the EU AI Act
- Establish and maintain an AI risk tiering and classification system covering data sensitivity, model risk, autonomy level, and business exposure
- Collaborate with IT, Procurement, and Legal to operationalize an AI tool approval and onboarding process. Build and operate a continuous AI discovery program to identify unsanctioned AI tools, embedded AI features in approved SaaS applications, and browser-based AI interactions across the enterprise
- Build and operate AI intake workflows to evaluate, approve, and track all new AI use cases, tools, models, and integrations before production deployment
- Partner with Legal, Privacy, and Compliance teams to define AI exception and waiver processes; support internal audits and regulatory examinations
- Stay ahead of emerging AI regulations and industry standards including sector-specific requirements and translate them into actionable policy and controls
- Lead AI-specific threat modeling across the full AI lifecycle covering prompt injection, data leakage, model poisoning, adversarial attacks, tool abuse, privilege escalation, and agentic supply-chain risks
- Define and enforce secure AI architecture patterns and prohibited design anti-patterns for LLM-powered applications, autonomous agents, and multi-agent workflows
- Partner with product and platform engineering teams to embed security controls natively into AI development pipelines (S-SDLC / Secure AI Development Lifecycle), including secure CI/CD gates, pre-production reviews, and post-deployment monitoring
- Design and operationalize runtime protections for AI systems including prompt injection detection, jailbreak protection, output content controls, and abuse detection for high-throughput environments
- Define Human-on-the-Loop (HOTL) review checkpoints for autonomous agentic workflows where high-risk decisions require human oversight before execution
- Design and enforce granular data access controls for AI systems, ensuring least-privilege access to tools, data sources, APIs, and enterprise platforms invoked by AI agents; enforce clear segregation of duties across agent orchestration layers
- Implement data usage monitoring across AI workflows to detect unauthorized data access, over-permissioned AI agents, sensitive data exposure in model inputs/outputs, and policy violations in near-real time
- Develop and operationalize controls to prevent data exfiltration through AI channels, including prompt-based exfiltration via LLMs, data leakage through RAG retrieval pipelines, and output exfiltration through API integrations and third-party AI services
- Establish AI-specific data classification policies and enforce data boundary controls, retention limits, and usage constraints for data ingested by or generated by AI systems
Skills
- Minimum of a Bachelor's degree; preferably Computer Science/Computer Engineering or a related field
- 8–12+ years in security architecture, application security, cloud security, or a closely related field
- 3+ years of hands-on experience securing AI/ML or LLM-based systems in enterprise environments, including practical knowledge of prompt injection, data exfiltration through AI APIs, and agentic risk
- Demonstrated experience defining and implementing AI governance frameworks (OWASP Top 10 for LLM, NIST AI RMF, ISO/IEC 42001, EU AI Act, or equivalent)
- Strong background in threat modeling, secure design review, and risk management across complex distributed systems
- Hands-on experience with data loss prevention (DLP), CASB, SWG, or equivalent technologies applied to AI and SaaS environments
- Experience designing and enforcing granular access control frameworks (RBAC, ABAC) for AI agents, tools, and data pipelines
- Strong written and verbal communication skills including executive-level reporting and the ability to translate complex AI risk into business language
- Ability to read and review code (Python, JavaScript/TypeScript, or similar) to understand AI workflows, APIs, and failure modes
- Master's degree in Computer Science/Computer Engineering or a related field
Company Overview
Company H1B Sponsorship