Sign up to access all features of our service.
  • Job search
  • Favorites
  • Create a CV
    New
  • Salaries
  • Subscriptions

AI Security Engineer (GRC)

Scangroup

Founded in 1977 as the Senior Care Action Network, SCAN began with a simple but radical idea: that older adults deserve to stay healthy and independent. That belief was championed by a group of community activists we still honor today as the “12 Angry Seniors.” Their mission continues to guide everything we do.Today, SCAN is a nonprofit health organization serving more than 500,000 people across Arizona, California, Nevada, New Mexico, Texas, and Washington, with over $8 billion in annual revenue. With nearly five decades of experience, we have built a distinctive, values-driven platform dedicated to improving care for older adults.Our work spans Medicare Advantage, fully integrated care models, primary care, care for the most medically and socially complex populations, and next-generation care delivery models. Across all of this, we are united by a shared commitment: combining compassion with discipline, innovation with stewardship, and growth with integrity.At SCAN, we believe scale should strengthen—not dilute—our mission. We are building the future of care for older adults, grounded in purpose, accountability, and respect for the people and communities we serve.The JobThe AI Security Engineer (GRC) serves as the organization's dedicated subject matter expert at the intersection of artificial intelligence and cybersecurity within a regulated healthcare environment. This role is responsible for evaluating AI vendors and technologies, establishing and enforcing secure AI implementation standards, and providing hands-on guidance to development and engineering teams adopting AI platforms such as Microsoft Copilot Studio, Azure AI Foundry, Snowflake Cortex, Claude Code, and other large language model (LLM)-powered tooling.Operating within the HIPAA-regulated landscape, this analyst will ensure AI integrations — including Model Context Protocol (MCP) servers, agentic workflows, command-line interfaces (CLIs), APIs, and third-party AI extensions — are architected and deployed in a manner consistent with NIST AI RMF, HITRUST, and organizational security policies. The role acts as a trusted advisor, security gatekeeper, and enabler for responsible AI adoption across the enterprise.You Will1. AI Vendor & Technology EvaluationLead structured security assessments of AI vendors, platforms, and tools prior to organizational adoption or renewalEvaluate vendor data handling practices, model training transparency and data residencyAssess the security posture of AI platforms including:Microsoft Copilot Studio — plugin trust boundaries, connector authentication, Power Platform DLP policiesAzure AI Foundry — model deployment pipelines, private endpoint configuration, managed identity usageSnowflake Cortex — data access controls in AI-generated SQL, Snowpark security, role-based privilege enforcement, Cortex function access policies, and query result exposure risksClaude Code & Anthropic APIs — system prompt injection risks, tool use / agentic permissions, data retention settingsGitHub Copilot, Cursor, and other AI-assisted development tools — code telemetry and secret leakage exposureProduce written Vendor Security Assessment Reports (VSARs) including risk ratings, compensating controls, and recommendationsMaintain an AI technology registry with risk classifications and review cadence schedules2. Secure AI Implementation Guidance for Development TeamsServe as the embedded security advisor to software engineering, data science, and clinical informatics teams adopting AI toolingDefine and enforce secure-by-default configurations for AI development environments and agentic systemsReview and approve MCP server configurations, ensuring:Tool definitions follow least-privilege principles — no excessive file system, network, or shell accessServer authentication uses OAuth 2.0 / mTLS and does not rely on static API keys stored in plaintextTransport layer security (TLS 1.2+) is enforced on all MCP server communicationsPrompt injection attack surfaces are identified and mitigated in tool descriptions and system promptsLogging and audit trails are enabled for all MCP tool invocations touching PHI or sensitive dataEstablish CLI security standards for AI-assisted development tools (Claude Code CLI, GitHub Copilot CLI, Azure Developer CLI), including credential hygiene, shell history scrubbing, and token scope minimizationConduct secure code review for AI integration code — with focus on prompt injection, insecure deserialization, and unsafe agentic action chainsDevelop and maintain a library of reference architectures, secure configuration templates, and implementation checklists for approved AI platforms3. AI Risk Management & ComplianceMaintain the organization's AI Risk Register aligned with NIST AI RMF (Govern, Map, Measure, Manage)Ensure AI deployments comply with HIPAA Security Rule (45 CFR §164), HITECH Act obligations, and applicable state privacy lawsConduct AI-specific Threat Modeling (STRIDE / PASTA) and red-team exercises targeting:Prompt injection and jailbreak scenariosIndirect prompt injection via external data sources (email, documents, web retrieval)Model inversion and membership inference attacks on fine-tuned healthcare modelsData exfiltration through agentic tool chainsTrack emerging AI threats and threat actor TTPs relevant to healthcare AI systems via MITRE ATLAS and sector ISACsParticipate in AI governance committee meetings and contribute AI security perspectives to organizational AI policies4. Security Integration ReviewsReview AI integration architectures for network segmentation, data flow, and trust boundary enforcementValidate that PHI is never transmitted to external AI models without de-identification or explicit BAA coverageAssess retrieval-augmented generation (RAG) architectures for unauthorized data access and embedding extraction risksEvaluate agentic AI workflows and multi-agent orchestration systems for privilege escalation and uncontrolled action chainsProvide security sign-off on AI infrastructure as part of the Change Advisory Board (CAB) process5. Training, Awareness & PolicyDevelop AI security training curricula for developers, data engineers, clinical staff, and IT personnelAuthor and maintain AI security policies including: Acceptable Use of Generative AI, AI Vendor Onboarding Standards, MCP and Agentic System Security Policy, and Sensitive Data Handling in AI ContextsPublish internal guidance and threat intelligence briefings tailored to clinical and technical audiencesYour QualificationsBachelor’s degree in Cybersecurity, Computer Science, Information Systems, or a closely related fieldMaster’s degree preferred; equivalent professional experience considered7+ years of progressive experience in information security, with a minimum of 2 years focused on AI/ML security or applied AI technology evaluationDemonstrated hands-on experience with one or more of the following: Copilot Studio, Azure AI Foundry, Claude / Anthropic APIs, OpenAI API, GitHub Copilot, or LLM agentic frameworks (LangChain, AutoGen, Semantic Kernel)Experience working in a HIPAA-regulated environment; healthcare industry background strongly preferredProven track record conducting vendor risk assessments and producing executive-level risk documentationDeep understanding of LLM attack surface: prompt injection, indirect prompt injection, system prompt extraction, and model manipulationFamiliarity with AI red-teaming methodologies and tools (Garak, PyRIT, PromptBench)Knowledge of OWASP Top 10 for LLM ApplicationsUnderstanding of AI model lifecycle risks: training data poisoning, supply chain risks in model registries (Hugging Face, Azure Model Catalog)Ability to audit and secure Model Context Protocol (MCP) server implementations including:Reviewing tool definitions and permissions for least-privilege violationsValidating authentication mechanisms (no hardcoded credentials, proper token scoping)Assessing stdio vs. SSE transport security implicationsIdentifying SSRF and command injection risks in custom MCP tool implementationsExperience securing AI CLIs including credential storage, environment variable exposure, and shell integration risksKnowledge of agentic permission models — understanding when AI agents should require human-in-the-loop approvalAbility to evaluate multi-step AI workflow chains for unintended capability escalationMicrosoft Copilot Studio: Plugin manifest security review, connector authentication, sensitivity label enforcementAzure AI Foundry: Managed identity configuration, private endpoints, content filtering policy management, model deployment governanceSnowflake Cortex: Securing AI-generated SQL and Cortex LLM functions, Snowpark container security, column-level data masking, network policy enforcement, and OAuth integration for service accountsClaude Code: System prompt construction, tool-use permission hardening, CLI credential isolation, API key scopingGitHub Copilot Enterprise: Telemetry settings, suggestion filtering for secrets, IDE extension trust policiesStrong grounding in identity and access management — OAuth 2.0, OIDC, SAML, managed identities, workload identity federationAPI security: authentication schemes, rate limiting, input validation, and output sanitization for AI endpointsNetwork security: micro-segmentation, private endpoints, WAF configuration for AI service ingressSIEM/SOAR integration for AI audit log ingestion, anomaly detection, and automated responseThreat modeling methodologies: STRIDE, PASTA, and application of MITRE ATT&CK and ATLAS frameworksThorough understanding of HIPAA Security Rule requirements and how they apply to AI data processing pipelinesExperience with HITRUST CSF controls relevant to AI and cloud-based processing of ePHIPractical knowledge of NIST AI Risk Management Framework (AI RMF) — Govern, Map, Measure, Manage functionsFamiliarity with EU AI Act classifications and their implications for healthcare AI systems (high-risk AI designation)Experience reviewing BAAs and DPAs for AI vendor engagementsWhat's in it for you?Base Pay Range: $125,400 to $215,975annuallyAn annual employee bonus programRobust Wellness ProgramGenerous paid-time-off (PTO)11 paid holidays per year, 1 floating holiday, birthday off, and 2 volunteer daysExcellent 401(k) Retirement Saving Plan with employer matchRobust employee recognition programTuition reimbursementAn opportunity to become part of a team that makes a difference to our members and our community every day!We're always looking for talented people to join our team! Qualified applicants are encouraged to apply now!At SCAN we believe that it is our business to improve the state of our world. Each of us has a responsibility to drive Equality in our communities and workplaces. We are committed to creating a workforce that reflects our community through inclusive programs and initiatives such as equal pay, employee resource groups, inclusive benefits, and more.SCAN is proud to be an Equal Employment Opportunity and Affirmative Action workplace. Individuals seeking employment will receive consideration for employment without regard to race, color, national origin, religion, age, sex (including pregnancy, childbirth or related medical conditions), sexual orientation, gender perception or identity, age, marital status, disability, protected veteran status or any other status protected by law. A background check is required.#LI-JB1 #LI-RemoteEqual Opportunity Employer/Protected Veterans/Individuals with DisabilitiesThe contractor will not discharge or in any other manner discriminate against employees or applicants because they have inquired about, discussed, or disclosed their own pay or the pay of another employee or applicant. However, employees who have access to the compensation information of other employees or applicants as a part of their essential job functions cannot disclose the pay of other employees or applicants to individuals who do not otherwise have access to compensation information, unless the disclosure is (a) in response to a formal complaint or charge, (b) in furtherance of an investigation, proceeding, hearing, or action, including an investigation conducted by the employer, or (c) consistent with the contractor’s legal duty to furnish information. 41 CFR 60-1.35(c) #J-18808-Ljbffr Scangroup

Vacancy posted 2 days ago
Similar jobs that could be interesting for youBased on the AI Security Engineer (GRC) in Lakewood, CA vacancy
  • SCAN Group is seeking an AI Security Engineer to act as a subject matter expert at the intersection of AI and cybersecurity. The role involves evaluating AI vendors, enforcing secure implementation standards, and guiding adoption of AI technologies in a HIPAA-regulated... 
    Suggested

    SCAN Group

    Lakewood, CA
    2 days ago
  • A leading furniture manufacturer based in Cypress, CA, seeks a Senior Director of Product Engineering to lead the product engineering organization. This hybrid role requires 12+ years in product engineering, with a strong focus on modular product development and cross-functional... 
    Suggested

    Exemplis LLC

    Cypress, CA
    5 days ago
  •  ...developing, and deploying production-grade AI solutions including autonomous agents,...  ...in code reviews and maintain high-quality engineering standards. Keep updated with advances in...  ...Adhere to best practices in data privacy and security when working with sensitive data.... 
    Suggested
    Remote work
    Flexible hours

    Confie

    Huntington Beach, CA
    1 day ago
  • $150k - $200k

     ...Senior Software Security Engineer Torrance, California, United States $ 150,000.00 - 200,000.00 (US Dollar) About the job Senior Software Security Engineer Castelion is bringing a new approach to defense development and production: one that focuses on short,... 
    Suggested
    Permanent employment

    Castelion

    Torrance, CA
    4 days ago
  •  ...Senior Security Software Engineer Torrance, CA - Relocation Assistance Provided The Company Our client's mission is to expand humanity's frontier into the solar system and beyond. The next step on this journey is to enable manufacturing and habitation in Low... 
    Suggested
    Relocation package

    Galaxy Technology Hires LLC

    Torrance, CA
    1 day ago
  •  ...that helps people be exceptional and thrive at work through human, AI, and software-based coaching. We’re on a mission to provide...  ...The Role  We’re looking for a product-minded senior software engineer with experience working with data to help us build a differentiated... 
    Remote work
    Home office

    Mento.io

    Long Beach, CA
    1 day ago
  •  ...Description Overview: Insight Global is seeking a hands‑on AI Engineer to design, build, and deploy AI/ML solutions using LLMs,...  ...junior engineers, and drive coding best practices. • Maintain security, privacy, and compliance when handling sensitive data. We are... 

    Insight Global

    Huntington Beach, CA
    2 days ago
  • UNIS in Buena Park, CA is seeking an experienced AI Inventory Support Engineer to develop and support AI-powered solutions for inventory operations. This role emphasizes hands-on technical skills in AI automation and full-stack development. The ideal candidate has a Bachelor... 

    UNIS

    Buena Park, CA
    2 days ago
  •  ...seeking a Human Resources Manager to drive HR transformation in engineering and technical functions. You will partner with senior leaders...  ...evolving environment. This role requires a credible understanding of AI's impact on workflows and a strong capability in employee... 

    Breville | Sage

    Torrance, CA
    4 days ago
  •  ...on Mondays and Fridays. Responsibilities Assist in integrating application security tools (e.g., SAST, DAST, SCA) into CI/CD pipelines to help identify vulnerabilities early. Support engineering teams in remediating common security issues discovered through automated scans... 
    Full time
    Work at office
    Remote work
    Work from home
    Monday to Friday
    3 days per week

    Laserfiche

    Long Beach, CA
    7 hours ago
  • Confie is seeking an AI Engineer based in Huntington Beach, California. The role involves designing and developing AI solutions, particularly focusing on generative AI and autonomous agents. Candidates should have a minimum of 3 years in AI engineering, proficiency in Python... 
    Remote job
    Flexible hours

    Confie

    Huntington Beach, CA
    3 days ago
  •  ...Buena Park, CA or Greater Chicago Area (Onsite) Employment Type: Full-Time Help Build the Future of AI-Driven Operations We are seeking an AI Inventory Support Engineer to develop, deploy, and support AI-powered solutions that improve inventory operations and business... 
    Full time

    UNIS

    Buena Park, CA
    2 days ago
  • $110.54k - $138.17k

     ...despite any challenges, goes beyond just a job; it's a calling that drives us forward every day. Job Overview The Senior IT Security Engineer is responsible for identifying, evaluating, and implementing technical security controls to prevent, detect, contain, and... 
    Flexible hours

    AltaMed Health Services

    Commerce, CA
    1 day ago
  • $122.43k - $168.34k

     ...comprehensively uses machine learning to optimally engineer, additively manufacture, and flexibly...  .... Purpose We are looking for an AI Solutions Engineer who not only builds cutting...  ...to the records contained in the Social Security Administration and Department of Homeland... 
    Temporary work
    Work at office

    Alumni Ventures

    Torrance, CA
    5 days ago
  • $141.38k - $224.5k

    Divergent is seeking a talented Software Developer to join our Robotics & AI Software team in Torrance, California. In this role, you will collaborate with experienced engineers to develop innovative algorithms for robotic systems, enhancing efficiency and reliability.... 

    Divergent Enterprises

    Torrance, CA
    2 days ago
  • Alumni Ventures is seeking a talented Industrial Robotics Engineer in Torrance, California. In this critical role, you will join a dynamic team dedicated to developing and implementing cutting-edge algorithms for robotic systems. Your work will focus on enhancing the efficiency... 

    Alumni Ventures

    Torrance, CA
    5 days ago
  •  ...Position: Security Engineer Location: Downey, CA - Remote Duration: 12+ months Skills Required Security Engineers will possess knowledge and experience in safeguarding sensitive data from cyber-attacks. Must have a minimum of... 
    Remote work

    West Advanced Technologies

    Downey, CA
    4 days ago
  • Sysazzle, Inc. is seeking an experienced Software Engineer to join its team in Torrance, California. The candidate will work on security issues related to mobile devices and computer networks, developing algorithms and software solutions. The ideal applicant holds a Bachelor... 

    Sysazzle, Inc.

    Torrance, CA
    3 days ago
  • Alumni Ventures in California seeks an AI Solutions Engineer to design and build generative AI systems, acting as the organization’s AI Enablement lead. You'll collaborate with teams to integrate AI into products and ensure responsible usage. The ideal candidate will have... 

    Alumni Ventures

    Torrance, CA
    5 days ago
  • $75 per hour

     ...Science to lead our Artificial Intelligence (AI) courses as we develop partnerships...  ...working experience in a software development/engineering role Availability to lead lectures...  ...: Employee Assistance Program Financial Security: 401(k) Additional Perks: Exclusive marketplace... 
    Full time
    Part time
    Work experience placement
    Seasonal work
    Shift work
    1 day per week

    CodePath

    Carson, CA
    2 days ago
  • $90k - $120k

    Feit Electric seeks a Senior Product Engineer to lead the engineering of innovative lighting and connected home products. This role involves...  ...teams to ensure compliance with standards while leveraging AI tools to enhance product development processes. The ideal candidate... 

    Feit Electric

    Pico Rivera, CA
    2 days ago
  •  ...global ground network ensures that missions ranging from national security, to global connectivity, to disaster response can unlock their...  ...and commercial space communications. We need a Senior Security Engineer to design and build the technical security foundation that... 
    Permanent employment
    Remote work

    SwiftCruit

    Torrance, CA
    5 days ago
  •  ...reliable communication for satellite missions such as national security, global connectivity, and disaster response. With a vertically...  ...on for mission‑critical operations. We need a Senior Security Engineer to design robust security frameworks that enable rapid scaling... 
    Permanent employment
    Immediate start

    Northwood Space

    Torrance, CA
    2 days ago
  • Northwood Space is seeking a Senior Security Engineer to design security frameworks for their advanced satellite communications infrastructure. This role involves building security architectures for innovative ground stations and ensuring compliance with stringent national... 

    Northwood Space

    Torrance, CA
    2 days ago
  • $100k - $150k

    Dormont Manufacturing Co is seeking a Systems Engineer in Torrance, California, to participate in research for the DOE. The role involves developing architecture models and preparing licensing documents for a Nuclear Reactor System while collaborating with cross-functional... 

    Dormont Manufacturing Co

    Torrance, CA
    2 days ago
  • $72.8k - $130k

     ...Cloudwatch(monitoring) Familiarity with AI/ML frameworks (e.g., TensorFlow, PyTorch)...  ...applications Skilled in addressing security vulnerabilities and ensuring secure application...  ...~3+ years of experience in software engineering, including enterprise-class microservices... 
    Minimum wage
    Full time
    Temporary work
    Work experience placement
    Local area

    UnitedHealth Group

    Cypress, CA
    3 days ago
  • $89k

     ...Software Engineer At Southland Credit Union, we believe helping people achieve financial well-being extends beyond the branch—it includes building secure, reliable digital experiences that our members and associates depend on every day. Behind every online transaction... 

    Southland Credit Union

    Los Alamitos, CA
    1 day ago
  • Northrop Grumman Federal Credit Union in Gardena is looking for an Information Technology Security Analyst to strengthen their cybersecurity governance program. The ideal candidate should have at least 5 years of experience in the field, preferably in financial services... 

    Northrop Grumman Federal Credi

    Gardena, CA
    5 days ago
  • $110k - $130k

     ...Instagram @REVOLVEcareers or #lifeatrevolve. Are you ready to set the standard for Premium apparel? Main purpose of the Software Engineer role: This is a full-time role for a candidate who will develop and maintain software services and reporting software used by... 
    Hourly pay
    Full time
    Work experience placement
    Flexible hours

    REVOLVE

    Cerritos, CA
    2 days ago
  • $94k - $117k

     ...Role Reporting directly to the eServices Manager, the Software Engineer is responsible for creating and deploying web-based solutions,...  ...maintain automated CI/CD pipelines to ensure frequent, reliable, and secure code deployments. Version Control : Lead best practices in... 
    Work at office

    Southland Credit Union

    Los Alamitos, CA
    1 day ago

Do you want to receive more vacancies?

Subscribe and receive similar vacancies to AI Security Engineer (GRC). Be the first to apply!