InvestM Technology LLC

Sr. Machine Learning Security Operations (MLSecOps) Engineer

On site

Roseland, United States

Senior

Freelance

02-10-2025

Skills

Communication, Problem Solving, Python, Java, JavaScript, C#, Jira, Data Analysis, SQL, NoSQL, Vulnerability Assessment, Cloud Security, CI/CD, Jenkins, Problem-solving, Decision-making, Presentation Skills, Training, Architecture, Machine Learning, TensorFlow, Programming, git, Agile, Large Language Models, CI/CD Pipelines, Web Development, Databricks

Job Specifications

Title: Machine Learning Security Ops

Location: Roseland, NJ

Duration: 12+ Months Contract-to-hire (W2 only)

Job Details:

Design, implement, and maintain secure ML pipelines for model evaluation, validation, deployment, and inference.
Assess and mitigate security risks throughout the ML lifecycle, including data ingestion, model storage, and deployment.
Develop and maintain code for ML pipelines using Python and CI/CD, ensuring robust security controls and compliance with best practices.
Institutionalize security scanning of AI/ML models in line with a shift-left strategy; interpret results and remediate identified issues.
Evaluate and optimize model inference deployment strategies, balancing security, performance, and resource utilization.
Monitor and secure both structured and unstructured data storage systems used in ML workflows.
Stay current on top vulnerabilities affecting Machine Learning Models, Large Language Models (LLMs), and AI agents, such as prompt injection, data poisoning, model theft, and adversarial attacks.
Collaborate with data scientists, ML engineers, and security teams to drive adoption of secure ML practices.
Build a solution to generate Machine Learning Bill of Materials (AIBoM)
Establish strong partnership with key stakeholders in technology and product organizations.
Perform other duties as required.
Hands-on experience with MLOps pipelines and model deployment tools (e.g., Kubeflow, MLflow, SageMaker).
Strong programming skills in Python and CI/CD for automation and pipeline development.
Deep understanding of ML model training and inference algorithms, including their security implications.
Familiarity with structured (SQL, data warehouses) and unstructured (object storage, NoSQL) data systems.
Familiarity with Databricks
Experience with ML security tools for model scanning and vulnerability assessment.
Knowledge of top OWASP AI/ML vulnerabilities, including:
Prompt injection
Data and model poisoning
Model extraction and inversion
Adversarial example attacks
Supply chain risks in ML components
Strong communication skills and ability to document and explain Cybersecurity and AI/ML security controls to technical and non-technical stakeholders.
Understanding of AI/ML model formats such as pickle, TensorFlow, safetensors
Experience in rolling out a model scanning solution as part of model development.
Understanding CI/CD pipelines covering source control, integration, and deployment (ex: Bitbucket, Jenkins, Rally, JIRA, Artifactory, Nexus, SonarQube, git, Snyk).
Previous software engineering/architecture experience (Java, C#, .NET, JavaScript, Python) preferred.
Strong analytical/problem-solving skills and cross-functional knowledge across multiple development and security disciplines.
Experience with development of RESTful web services
Understanding of advanced iterative Agile, Cloud and Container Security, GenAI Security
Exceptional problem-solving skills
Excellent communication and presentation skills
Ability to be a good team player as part of remote teams
Self-motivated with positive attitude
Should be able to work independently.

Qualifications:

Eight years or more experience in various IT or cybersecurity roles, with five or more years of experience specifically in software engineering roles.
Deep knowledge and understanding of AI/ML Security and related risks
Candidate should be very thorough in internet technologies and highly versed in web development best practices.
Strong analytical/problem-solving skills and cross-functional knowledge across multiple development and security disciplines.
Ability to communicate security-related concepts to a broad range of technical and non-technical stakeholders.
Understanding of advanced iterative Agile and container & cloud security
Familiarity with micro-services architecture and Design Patterns
Excellent analytic skills, including qualitative and quantitative data analysis to support and defend data-driven decision-making regarding system threats, vulnerabilities, and risk
Any of the following are a plus but not necessary: CEH, CISSP, CSSLP, GCIA, GPEN, GWAPT

About the Company

InvestM is a diversified workforce solutions firm that provides project-based staffing, contingent staffing, and direct placement services to Fortune 5000 companies and US Government Agencies. To identify top talent, our screening and hiring process uses a quantitative and data-driven methodology that is cost-efficient, scalable, and works for all industries in need of qualified talent. Geographic regions we service: USA | Canada | UK | Australia | Hong Kong | Saudi Arabia | UAE. Industry Verticals that we...