AI Security Engineer
The position is described below. If you want to apply, click the Apply Now button at the top or bottom of this page. After you click Apply Now and complete your application, you'll be invited to create a profile, which will let you see your application status and any communications. If you already have a profile with us, you can log in to check status. Need Help? If you have a disability and need assistance with the application, you can request a reasonable accommodation. Send an email to Accessibility (accommodation requests only; other inquiries won't receive a response). Regular or Temporary: RegularLanguage Fluency: English (Required) Work Shift: 1st shift (United States of America)Please review the following job description:***This role is 5 days a week in the Charlotte Office***
The AI Security Engineer helps design, implement, test, and operate the controls that keep enterprise AI systems safe, governed, and production-ready.
This role focuses on the security engineering foundations required for AI-enabled applications, agents, prompt-driven workflows, and tool-integrated automations operating in a regulated enterprise environment.
This is a hands-on engineering role within the Forge AI Security & Governance model.
The engineer supports guardrail implementation, prompt-injection defense, output filtering, monitoring, secure tool-use boundaries, logging, detection content, and deployment-readiness controls for AI-enabled systems.
The work spans design, testing, automation, detection engineering, and operational support across the AI delivery lifecycle.
Daily work includes implementing security controls for AI and agentic systems, validating configurations, supporting adversarial test preparation, building monitoring logic, partnering with engineering to harden prompt and tool behaviors, documenting controls, and ensuring AI solutions meet enterprise safety, traceability, and governance requirements before and after deployment.
***For this opportunity, Truist will not sponsor an applicant for work visa status or employment authorization, nor will we offer any immigration-related support for this position (including, but not limited to H-1B, F-1 OPT, F-1 STEM OPT, F-1 CPT, J-1, TN-1 or TN-2, E-3, O-1, or future sponsorship for U.S. lawful permanent residence status.)***ESSENTIAL DUTIES AND RESPONSIBILITIES
Following is a summary of the essential functions for this job. Other duties may be performed, both major and minor, which are not mentioned below. Specific activities may change from time to time. Implement andmaintainsecurity controls for AI-enabled applications, agents, prompts, and workflow automations, including input validation, output filtering, access controls, and governed tool-use restrictions. Support development and operationalization of AI guardrails that reduce risk from prompt injection, unsafe responses, unauthorized tool execution, data leakage, and insecure workflow behavior. Assistwith adversarial and misuse-oriented testing activities by preparing scenarios,validatingdefenses, capturing findings, and supporting remediation with engineering teams. Build andmaintainmonitoring and alerting logic for AI or agentic systems, including suspicious prompt patterns, abnormal workflow behavior, anomalous tool invocation, or policy-violating output patterns. Contribute to runtime safety patterns such as content filters, role/permission boundaries, logging, evidence capture, and traceability controlsrequiredfor secure deployment and audit readiness. Partner with product and engineering teams to embed AI security expectations into design reviews, acceptance criteria, test plans, and deployment gates from the beginning of the delivery cycle. Validatethat AI-enabled solutions meet required security and governance standards before release, including deployment gate criteria, control validation, and documentation completeness. Support incident investigation and remediation for AI-related control failures, suspicious behavior, or production observations thatindicatesafety or security degradation. Helpmaintaincontrol documentation, implementation notes, runbooks, remediation evidence, and operating procedures for AI security engineering activities. Collaborate with AI quality, QA, platform, data, and security teams to ensure safe, resilient, and observable AI solutions across development and production environments. Continuously improve automation, guardrail logic,validationworkflows, and monitoring content as AI capabilities, workflows, and attack patterns evolve.
QUALIFICATIONS
Required Qualifications:
The requirements listed below are representative of the knowledge, skill and/or ability required. Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions. Bachelors degree and equivalent combination of advanced education and experience, which could include any combination of 8 years of experience in IT software engineering, 5 years relevant business experience (i.e. making technical-related decisions on the business side), 5 years experience in project management, and at least 2 years of management experience Broad and in-depth knowledge of technology trends, competitive environment, regulatory requirements and trends, and IT strategies employed to continually meet the demands of clients and regulators Ability to translate enterprise level strategic planning information into software and data management needs, create business plans, and turn them into effective business solutions Executive level communications skills, including, strong negotiation/facilitation/presentation skills and experience negotiating with vendors for relevant products and services Ability to lead projects of significant complexity and risk exposure, particularly with enterprise-wide implications Ability to exercise judgment in solving technical, operational, and organizational challenges in the context of complex business objectives and priorities Ability to lead and manage the performance of multiple teams against a set of financial and operational objectives
Additional Requirements: 3+ years of experience in security engineering, cybersecurity operations, application security, or a closely related technical discipline. Hands-on experience implementing technical controls for enterprise software, APIs, cloud-native services, or automation workflows. Working knowledge of AI/LLM security concepts such as prompt injection, unsafe output handling, tool-use abuse, sensitive data exposure, and control boundary enforcement. Experience with logging, alerting, monitoring, ordetectioncontent foridentifyingsuspicious or policy-violating behavior in applications or workflows. Understanding ofaccess control, identity boundaries, secrets handling, secure integration design, and environment-based deployment controls. Ability to work with engineering teams to translate security concerns into implementable guardrails, validations, and release controls. Strong written documentation and communication skills, especially for controls, findings, remediation evidence, and technical guidance. Experienceoperatingwithin enterprise governance, security, and release-management practices where evidence-based deployment readiness matters.
PREFERRED QUALIFICATIONS Experience with AI or agentic security controls, prompt and output protection strategies, or security validation of LLM-enabled features. Experience with Microsoft, Azure, Copilot / Copilot Studio, or AI-enabled enterprise workflow platforms. Experience with adversarial testing, red teaming support, detection engineering, or misuse-case validation for AI-enabled systems. Experience in financial services, cybersecurity, regulated enterprise environments, or platforms with high audit and control requirements. Familiarity with secure tool-calling patterns, API protections, model or prompt change validation, and runtime traceability for AI systems. Working knowledge of cloud-native security patterns, telemetry analysis, and deployment gating for modern engineering teams.
OTHER JOB REQUIREMENTS / WORKING CONDITIONS Visual / Audio / Speaking Able to access and interpret client information received from the computer and able to hear and speak with individuals in person and on the phone. Manual Dexterity / Keyboarding Able to work standard office equipment, including PC keyboard and mouse, copy/fax machines, and printers. Availability Able to work all hours scheduled, including overtime as directed by manager/supervisor and required by business need. Travel Up to 50% General Description of Available Benefits for Eligible Employees of Truist Financial Corporation: All regular teammates (not temporary or contingent workers) working 20 hours or more per week are eligible for benefits, though eligibility for specific benefits may be determined by the division of Truist offering the position.Truist offers medical, dental, vision, life insurance, disability, accidental death and dismemberment, tax-preferred savings accounts, and a 401k plan to teammates. Teammates also receive no less than 10 days of vacation (prorated based on date of hire and by full-time or part-time status) during their first year of employment, along with 10 sick days (also prorated), and paid holidays. For more details on Truists generous benefit plans, please visit our Benefits site. Depending on the position and division, this job may also be eligible for Truists defined benefit pension plan, restricted stock units, and/or a deferred compensation plan. As you advance through the hiring process, you will also learn more about the specific benefits available for any non-temporary position for which you apply, based on full-time or part-time status, position, and division of work. Truist is an Equal Opportunity Employer that does not discriminate on the basis of race, gender, color, religion, citizenship or national origin, age, sexual orientation, gender identity, disability, veteran status, or other classification protected by law. Truist is a Drug Free Workplace. EEO is the Law E-Verify IER Right to Work
|
