Job Description

Roles & Responsibilities

1. Operate Continuous Security Validation — running AWS Security Agent (cloud/infra), (AI-specific) and (model supply-chain) on every significant deployment, mapped to a 2LoD-approved threat coverage matrix.

2. Own the 7-day threat-intel SLA — ingesting MITRE ATLAS / OWASP LLM feeds via Jira automation and operationalising new attack techniques into test suites within 7 days.

3. Aggregate, deduplicate and SLA-manage all findings via DefectDojo → Attestation, enforcing severity-based MTTR remediation gates before re-deployment approval, and feeding the Power BI dashboard (Open Findings, MTTR, Pipeline Gate Pass Rate, Prompt Injection Block Rate). in offensive security, blue-team validation and continuous adversarial testing, with proven shift from periodic manual pentest to automated, continuous control validation.

Hands-on with autonomous pentest tooling (AWS Security Agent, Horizon3 or equivalent), AI red-teaming (Garak, PyRIT, Claude Security / Opus 4.x, Codex) and OWASP LLM Top 10 + MITRE ATLAS test design.

Clear understanding of the 1LoD/2LoD boundary — running control validation (blue team) against 2LoD-approved threat scenarios, while leaving independent unknown-scenario red teaming to 2LoD.

Desired Candidate Profile

• OSCP or OSCE (mandatory) · GIAC GPEN or GXPN · GIAC GMLE (Machine Learning Engineer) or equivalent AI-security credential · AAnthropic Cyber Verification Program enrolment (for offensive use of Opus 4.x) · CREST CCT desirable for regulated-bank context