Security Operations Engineer Jobs in New York

Job Description

Requisition ID

94174

Department

Tech Data AI Ventures

Job Function

Tech Data AI Ventures

Location

New York, New York, United States

Role Location Designation

Hybrid - 3 days per week

Location Designation: Hybrid - 3 days per week

The AI / ML Security Operations Engineer is a hands-on senior engineering role embedded within the Application Security organization, responsible for securing New York Life's machine learning and AI pipelines as they evolve from isolated experimentation into production, agentic, and automated decisioning systems. This role sits at the intersection of ML engineering, platform engineering, and security, and is accountable for establishing the controls, guardrails, and reference patterns that scale as AI adoption accelerates across the enterprise.

The engineer will be responsible for securing the full ML lifecycle, from data ingestion and feature pipelines through model training, registry, deployment, and execution, with a primary focus on Google Cloud Vertex AI as the enterprise ML platform. Day-to-day work includes building guardrails for agentic and tool-invoking AI use cases, protecting ML supply chain integrity, integrating ML security controls into existing AppSec CI/CD and SSDLC processes, contributing security requirements to ML platform and identity decisions owned by partner teams, and partnering directly with data scientists, ML engineers, and platform owners to operationalize secure-by-default patterns.

This is a senior individual contributor role with strong cross-functional influence expectations. The right candidate has done this work hands-on in a regulated environment and can also define enterprise standards, mentor peers, and engage credibly with risk, audit, and model risk management stakeholders.

What You'll Do:

The engineer will be responsible for securing the full ML lifecycle, from data ingestion and feature pipelines through model training, registry, deployment, and execution, with a primary focus on Google Cloud Vertex AI as the enterprise ML platform. Day-to-day work includes building guardrails for agentic and tool-invoking AI use cases, protecting ML supply chain integrity, integrating ML security controls into existing AppSec CI/CD and SSDLC processes, contributing security requirements to ML platform and identity decisions owned by partner teams, and partnering directly with data scientists, ML engineers, and platform owners to operationalize secure-by-default patterns.

This is a senior individual contributor role with strong cross-functional influence expectations. The right candidate has done this work hands-on in a regulated environment and can also define enterprise standards, mentor peers, and engage credibly with risk, audit, and model risk management stakeholders.

What You'll Bring:

• Bachelor's degree in Computer Science, Engineering, or equivalent practical experience, with 5+ years in application security, cloud security, or security engineering

• Hands-on production experience securing at least one major ML platform. Vertex AI strongly preferred, with SageMaker or Azure ML acceptable as transferable experience that will be cross-validated against GCP

• Strong working knowledge of the end-to-end ML lifecycle and MLOps workflows: data ingestion, feature pipelines, training jobs, model registry, deployment patterns, and online/offline serving

• Practical understanding of how ML environments should be separated across dev, training, staging, and production, and the ability to partner with platform teams to ensure those boundaries hold from a security standpoint

• Working knowledge of non-human identities, service accounts, workload identity federation, and automated CI/CD or pipeline-driven workflows, with the ability to evaluate whether identity patterns proposed by partner teams meet security requirements

• Fluency with AI/ML-specific threat scenarios including data poisoning, model theft, training data exfiltration, inference abuse, prompt injection, indirect prompt injection, unsafe tool invocation, and agentic misuse, and the ability to translate them into concrete controls

• Hands-on experience integrating security controls into CI/CD pipelines and infrastructure-as-code environments (Terraform, GitHub Actions, GitLab CI, Cloud Build, or equivalent)

• Working understanding of cloud IAM principles and least-privilege design, sufficient to review and provide security input on identity patterns owned by platform and cloud teams

• Application security fundamentals: authentication/authorization patterns, supply chain security (SLSA, SBOMs, signed artifacts), secure API design, and secrets management

• Proficiency in Python for automation, security tooling, and detection logic. Candidates should be able to walk through code they have personally written, not just reviewed

• Ability to operate as both a hands-on engineer and a pattern-setter, comfortable building the first instance of a control and then turning it into a reusable enterprise standard

Preferred Qualifications

• Direct experience securing agentic AI systems, orchestration frameworks (LangChain, LangGraph, Vertex AI Agent Builder, ADK, CrewAI), or autonomous tool-invoking workflows in production

• Working familiarity with AI security frameworks such as MITRE ATLAS, OWASP LLM Top 10, OWASP ML Top 10, NIST AI RMF, Google Secure AI Framework (SAIF), or Databricks AI Security Framework

• Experience designing governance models for ML platforms in financial services, healthcare, or another regulated industry, including how controls map to model risk management (SR 11-7) and applicable audit requirements

• Background working alongside data scientists and ML engineers on production model deployments, not just reviewing their work from a security distance

• Exposure to model risk management, model validation, or model controls partnerships with second-line risk functions

• Experience with policy-as-code and guardrail enforcement at scale (OPA / Rego, Cloud Custodian, Conftest, Sentinel, or equivalent)

• Familiarity with detection engineering for ML workloads, including log sources from Vertex AI, model serving endpoints, agent execution traces, and how to write meaningful detections against them

• Hands-on exposure to LLM gateways, content safety and guardrail products (Lakera, Protect AI, NeMo Guardrails, Llama Guard, Vertex AI Safety Filters), or self-built equivalents

Pay Transparency

Salary Range: $147,500-$211,000

Overtime eligible: Exempt

Discretionary bonus eligible: Yes

Sales bonus eligible: No

Actual base salary will be determined based on several factors but not limited to individual’s experience, skills, qualifications, and job location. Additionally, employees are eligible for an annual discretionary bonus. In addition to base salary, employees may also be eligible to participate in an incentive program.

Company Overview

At New York Life, our 180-year legacy of purpose and integrity fuels our future. As we evolve into a more technology-, data-, and AI-enabled organization, we remain grounded in the values that drive lasting impact.

Our diverse business portfolio creates opportunities to make a difference across industries and communities—inviting bold thinking, collaborative problem-solving, and purpose-driven innovation. Here, you’ll find the rare balance of long-standing stability and forward momentum, supported by an inclusive team that honors tradition while embracing progress.

As a Fortune 100 mutual company, we offer a place to grow your skills, contribute to meaningful work, and deliver solutions that matter. Your ideas drive what’s next, and your growth powers it.

Our Benefits

We provide a full package of benefits for employees – and have unique offerings for a modern workforce, including leave programs, adoption assistance, and student loan repayment programs. Based on feedback from our employees, we continue to refine and add benefits to our offering, so that you can flourish both inside and outside of work.

Our Commitment to Inclusion

At New York Life, fostering an inclusive workplace is fundamental to who we are and how we serve our communities. We have a longstanding commitment to creating an environment where individuals can contribute their best and succeed together. This foundation is rooted in our core values of humanity and integrity, ensuring that every employee feels valued and supported. By embracing a broad range of perspectives and experiences, we achieve greater success and fulfill our promise of providing financial security and peace of mind to families across all communities.

Recognized as one of Fortune’s World’s Most Admired Companies, New York Life is committed to improving local communities through a culture of employee giving and volunteerism, supported by the Foundation. We're proud that due to our mutuality, we operate in the best interests of our policy owners.

Job Requisition ID: 94174