Alvarez & Marsal
Manager, AI Security & Compliance - Cybersecurity Governance
Alvarez & Marsal, Washington, District of Columbia, us, 20022
Manager, AI Security & Compliance - Cybersecurity Governance
Overview
Alvarez & Marsal (A&M) is a global consulting firm with over 10,000 professionals in over 40 countries. We take a hands-on approach to solving clients’ problems and helping them reach their potential. Our culture celebrates independent thinkers and doers who positively impact our clients and shape our industry, guided by our core values of Integrity, Quality, Objectivity, Fun, Personal Reward, and Inclusive Diversity.
How You Will Contribute With the rapid adoption of AI technologies and an evolving regulatory landscape, demand for AI-focused security analysis and compliance expertise is growing. Our team supports organizations, investors and counsel in identifying, assessing, and mitigating risks associated with AI system deployment, algorithmic bias, data privacy, and model security. We focus on implementing secure AI/ML pipelines, establishing AI governance frameworks, conducting model risk assessments, and ensuring compliance with emerging AI regulations. Our approach integrates traditional cybersecurity with AI-specific security controls, leveraging automated testing, model monitoring, and adversarial robustness techniques.
Responsibilities
Lead technical teams in executing AI security assessments, model audits, and compliance reviews related to AI Act (EU), NIST AI RMF, ISO/IEC 23053/23894, and emerging AI governance standards. Develop AI risk assessment methodologies and implement continuous monitoring solutions for production ML systems.
Design and implement secure AI/ML architectures incorporating MLOps security practices, including model versioning, data lineage tracking, feature store security, and secure model deployment pipelines. Integrate security controls for Large Language Models (LLMs), including prompt injection prevention, output filtering, and embedding security.
Conduct technical assessments of AI/ML systems using tools such as ART, Foolbox, CleverHans; MLflow, Kubeflow, AWS SageMaker, Azure ML, Google Vertex AI; Evidently AI, Fiddler AI, WhyLabs, Neptune.ai; Guardrails AI, NeMo Guardrails, LangChain security modules, OWASP LLM Top 10 tools; PySyft, TensorFlow Privacy, Opacus.
Implement AI compliance and governance solutions addressing regulatory frameworks (EU AI Act, Canada's AIDA, US AI Executive Orders, Singapore Model AI Governance), industry standards (ISO 23053, ISO 23894, IEEE 7000 series, NIST AI RMF), and sector-specific requirements (FDA AI/ML medical device regulations, GDPR Article 22).
Develop and execute penetration testing for AI systems, including model extraction defenses, data poisoning assessments, membership inference and model inversion testing, prompt injection and jailbreaking assessments for LLMs, and backdoor detection in neural networks.
Program and deploy secure solutions using Python (PyTorch, TensorFlow, scikit-learn), R, Julia; AI frameworks (Hugging Face Transformers, LangChain, LlamaIndex, AutoML tools); security libraries (SHAP, LIME, Fairlearn, AIF360); infrastructure (Docker, Kubernetes, Terraform).
Integrate AI security with traditional security frameworks (Zero Trust, IAM, SIEM) and implement automated compliance monitoring using AI-powered SOAR platforms (e.g., Splunk Phantom, Cortex XSOAR).
Assess and mitigate risks in foundation models, transfer learning, federated learning, edge AI, multi-modal AI, and generative AI applications (GPT, DALL-E, Stable Diffusion).
Create technical documentation including AI system security architecture reviews, threat models for ML pipelines, compliance mappings, and remediation roadmaps aligned with traditional security standards and AI-specific frameworks.
Travel up to 15% to client sites and assessment locations as required.
Qualifications
5+ years of experience in AI/ML development, deployment, or security assessment
3+ years of experience in information security, with focus on application security or cloud security
Hands-on experience with AI/ML frameworks (TensorFlow, PyTorch, scikit-learn, Hugging Face)
Proficiency in Python programming with experience in AI/ML libraries and security testing tools
Experience with cloud AI platforms (AWS SageMaker, Azure ML, Google Vertex AI, Databricks)
Knowledge of AI compliance frameworks: NIST AI RMF, EU AI Act requirements, ISO/IEC 23053/23894
Experience with MLOps tools and secure model deployment practices
Understanding of adversarial machine learning and AI security threats (OWASP ML Top 10, ATLAS framework)
Familiarity with privacy-preserving ML techniques (differential privacy, federated learning, homomorphic encryption basics)
Experience with containerization (Docker, Kubernetes) and infrastructure as code
Knowledge of traditional security frameworks (NIST CSF, NIST 800-53, ISO 27001)
Ability to obtain a USG security clearance
Preferred Certifications
One or more AI/ML certifications: AWS Certified Machine Learning, Google Cloud Professional ML Engineer, Azure AI Engineer
Security certifications: CISSP, CCSP, CompTIA Security+, CEH
Specialized: GIAC AI Security Essentials (GAISE), Certified AI Auditor (when available)
Your growth at A&M We recognize our people are the driving force behind our success and prioritize an employee experience that fosters professional and personal development. Our performance development process promotes continuous learning, rewards contributions, and supports a culture of meritocracy. You will have access to top-notch training and on-the-job learning opportunities, along with growth opportunities and a supportive, entrepreneurial culture.
Regular employees (30+ hours/week) are eligible for comprehensive benefits, a 401(k) plan, paid time off, holidays, and parental leave. The salary range for this role is $115,000 - $155,000 annually, with additional discretionary bonus opportunities based on performance. Benefits details are provided by the recruiter.
Equal Opportunity Employer: Alvarez & Marsal provides equal opportunity in employment, compensation, and terms of employment without discrimination in accordance with applicable laws.
Inclusivity Inclusive Diversity is a core aspect of our culture. We embrace diversity and foster inclusiveness, encouraging everyone to bring their whole self to work every day.
#J-18808-Ljbffr
How You Will Contribute With the rapid adoption of AI technologies and an evolving regulatory landscape, demand for AI-focused security analysis and compliance expertise is growing. Our team supports organizations, investors and counsel in identifying, assessing, and mitigating risks associated with AI system deployment, algorithmic bias, data privacy, and model security. We focus on implementing secure AI/ML pipelines, establishing AI governance frameworks, conducting model risk assessments, and ensuring compliance with emerging AI regulations. Our approach integrates traditional cybersecurity with AI-specific security controls, leveraging automated testing, model monitoring, and adversarial robustness techniques.
Responsibilities
Lead technical teams in executing AI security assessments, model audits, and compliance reviews related to AI Act (EU), NIST AI RMF, ISO/IEC 23053/23894, and emerging AI governance standards. Develop AI risk assessment methodologies and implement continuous monitoring solutions for production ML systems.
Design and implement secure AI/ML architectures incorporating MLOps security practices, including model versioning, data lineage tracking, feature store security, and secure model deployment pipelines. Integrate security controls for Large Language Models (LLMs), including prompt injection prevention, output filtering, and embedding security.
Conduct technical assessments of AI/ML systems using tools such as ART, Foolbox, CleverHans; MLflow, Kubeflow, AWS SageMaker, Azure ML, Google Vertex AI; Evidently AI, Fiddler AI, WhyLabs, Neptune.ai; Guardrails AI, NeMo Guardrails, LangChain security modules, OWASP LLM Top 10 tools; PySyft, TensorFlow Privacy, Opacus.
Implement AI compliance and governance solutions addressing regulatory frameworks (EU AI Act, Canada's AIDA, US AI Executive Orders, Singapore Model AI Governance), industry standards (ISO 23053, ISO 23894, IEEE 7000 series, NIST AI RMF), and sector-specific requirements (FDA AI/ML medical device regulations, GDPR Article 22).
Develop and execute penetration testing for AI systems, including model extraction defenses, data poisoning assessments, membership inference and model inversion testing, prompt injection and jailbreaking assessments for LLMs, and backdoor detection in neural networks.
Program and deploy secure solutions using Python (PyTorch, TensorFlow, scikit-learn), R, Julia; AI frameworks (Hugging Face Transformers, LangChain, LlamaIndex, AutoML tools); security libraries (SHAP, LIME, Fairlearn, AIF360); infrastructure (Docker, Kubernetes, Terraform).
Integrate AI security with traditional security frameworks (Zero Trust, IAM, SIEM) and implement automated compliance monitoring using AI-powered SOAR platforms (e.g., Splunk Phantom, Cortex XSOAR).
Assess and mitigate risks in foundation models, transfer learning, federated learning, edge AI, multi-modal AI, and generative AI applications (GPT, DALL-E, Stable Diffusion).
Create technical documentation including AI system security architecture reviews, threat models for ML pipelines, compliance mappings, and remediation roadmaps aligned with traditional security standards and AI-specific frameworks.
Travel up to 15% to client sites and assessment locations as required.
Qualifications
5+ years of experience in AI/ML development, deployment, or security assessment
3+ years of experience in information security, with focus on application security or cloud security
Hands-on experience with AI/ML frameworks (TensorFlow, PyTorch, scikit-learn, Hugging Face)
Proficiency in Python programming with experience in AI/ML libraries and security testing tools
Experience with cloud AI platforms (AWS SageMaker, Azure ML, Google Vertex AI, Databricks)
Knowledge of AI compliance frameworks: NIST AI RMF, EU AI Act requirements, ISO/IEC 23053/23894
Experience with MLOps tools and secure model deployment practices
Understanding of adversarial machine learning and AI security threats (OWASP ML Top 10, ATLAS framework)
Familiarity with privacy-preserving ML techniques (differential privacy, federated learning, homomorphic encryption basics)
Experience with containerization (Docker, Kubernetes) and infrastructure as code
Knowledge of traditional security frameworks (NIST CSF, NIST 800-53, ISO 27001)
Ability to obtain a USG security clearance
Preferred Certifications
One or more AI/ML certifications: AWS Certified Machine Learning, Google Cloud Professional ML Engineer, Azure AI Engineer
Security certifications: CISSP, CCSP, CompTIA Security+, CEH
Specialized: GIAC AI Security Essentials (GAISE), Certified AI Auditor (when available)
Your growth at A&M We recognize our people are the driving force behind our success and prioritize an employee experience that fosters professional and personal development. Our performance development process promotes continuous learning, rewards contributions, and supports a culture of meritocracy. You will have access to top-notch training and on-the-job learning opportunities, along with growth opportunities and a supportive, entrepreneurial culture.
Regular employees (30+ hours/week) are eligible for comprehensive benefits, a 401(k) plan, paid time off, holidays, and parental leave. The salary range for this role is $115,000 - $155,000 annually, with additional discretionary bonus opportunities based on performance. Benefits details are provided by the recruiter.
Equal Opportunity Employer: Alvarez & Marsal provides equal opportunity in employment, compensation, and terms of employment without discrimination in accordance with applicable laws.
Inclusivity Inclusive Diversity is a core aspect of our culture. We embrace diversity and foster inclusiveness, encouraging everyone to bring their whole self to work every day.
#J-18808-Ljbffr