[Remote] Information Security Engineer
Note: The job is a remote job and is open to candidates in USA. Calance is a company focused on information security, and they are seeking an Information Security Engineer to lead security assessments and develop security frameworks for AI services. The role involves designing security controls, conducting risk analysis, and coordinating with stakeholders to ensure compliance and mitigate risks.
Responsibilities
- Lead security assessments of third-party AI/ML vendors across a high-volume pipeline, evaluating architecture, data handling, and access controls against enterprise risk standards
- Develop and maintain the enterprise GCP AI Security Framework, defining approved security postures and controls for cloud AI services, agentic systems, and MCP servers
- Design security controls for LLM gateways (Kong), including prompt injection defense, PII sanitization, and OAuth 2.1/PKCE-secured MCP deployments
- Identify architecture gaps, PCI/DPA compliance issues, and access control weaknesses; document findings with clear remediation requirements
- Partner with Legal, Privacy, and engineering teams to resolve security blockers and inform vendor contract decisions
- Deliver concise status updates translating technical risk into business-ready decisions for leadership
Skills
- Lead security assessments of third-party AI/ML vendors across a high-volume pipeline, evaluating architecture, data handling, and access controls against enterprise risk standards
- Develop and maintain the enterprise GCP AI Security Framework, defining approved security postures and controls for cloud AI services, agentic systems, and MCP servers
- Design security controls for LLM gateways (Kong), including prompt injection defense, PII sanitization, and OAuth 2.1/PKCE-secured MCP deployments
- Identify architecture gaps, PCI/DPA compliance issues, and access control weaknesses; document findings with clear remediation requirements
- Partner with Legal, Privacy, and engineering teams to resolve security blockers and inform vendor contract decisions
- Deliver concise status updates translating technical risk into business-ready decisions for leadership
Company Overview
Company H1B Sponsorship