Job Description
A client of Insight Global is seeking a Product Security Specialist to support product and AI security across enterprise applications. This is a hands-on individual contributor role combining AI Security Architecture with AI/LLM penetration testing and red teaming across Azure and AWS environments.
The role supports enterprise AI/LLM applications, agentic workflows, MCP servers, mobile apps, and web applications. You’ll define secure‑by‑design patterns, integrate controls into CI/CD pipelines (GitHub Actions), execute adversarial testing, and partner closely with engineering, ML, platform, and governance teams to operationalize a scalable AI Security Development Lifecycle (AISDL). The position balances technical execution, engineering collaboration, and repeatable security program development.
Key Responsibilities
Own AI security architecture for LLM apps, RAG pipelines, agent frameworks, and MCP servers
Build and operationalize AISDL integrated into SDLC/DevSecOps
Conduct AI/LLM penetration testing, red teaming, and adversarial testing
Define MCP server security standards and reusable secure patterns
Integrate AI security checks into CI/CD (SAST, DAST, secrets, dependencies, AI‑specific tests)
Define AI provenance and secure AI‑assisted development standards (GitHub Copilot, Claude Code)
Perform mobile (iOS/Android), web, API, cloud, and AI security assessments
Triage findings, drive remediation, and produce clear security deliverables
Mentor security champions and promote product security best practices
This position is a 12 month contract to hire role, will pay between 20-35 LPA and will have a hybrid work model 3 days a week onsite in Bangalore India.
We are a company committed to creating diverse and inclusive environments where people can bring their full, authentic selves to work every day. We are an equal opportunity/affirmative action employer that believes everyone matters. Qualified candidates will receive consideration for employment regardless of their race, color, ethnicity, religion, sex (including pregnancy), sexual orientation, gender identity and expression, marital status, national origin, ancestry, genetic factors, age, disability, protected veteran status, military or uniformed service member status, or any other status or characteristic protected by applicable laws, regulations, and ordinances. If you need assistance and/or a reasonable accommodation due to a disability during the application or recruiting process, please send a request to HR@insightglobal.com.To learn more about how we collect, keep, and process your private information, please review Insight Global's Workforce Privacy Policy: https://insightglobal.com/workforce-privacy-policy/.
Required Skills & Experience
• Bachelor’s degree in computer science, Engineering, or equivalent experience.
8–12+ years (Specialist) of hands-on product security experience including penetration testing, application/product/cloud security and/or offensive security with strong hands-on engineering experience.
3+ years securing or testing LLM/GenAI systems (or equivalent demonstrable projects in production environments).
Practical experience with AI/ML, MCP security topics (threat modeling, adversarial testing, data integrity/privacy risks). Experience with secure ML model deployment and MLOps security.
Proven experience testing mobile apps (iOS/Android) and modern web/API/cloud services.
Strong knowledge of common vulnerability classes (OWASP Top 10, Mobile Top 10, LLM top 10, AI/ML top 10, API vulnerabilities) and mitigation techniques.
Hands-on with pentest tooling such as Kali Linux, Burp Suite, Frida, MobSF, apktool, IDA/Ghidra, SAST/DAST tools, AI application/services, MCP security and cloud security testing tools, DAS (Dynamic Application Security) platforms and global pentest program management.
Experience with security automation, CI/CD integration, IaC scanning, and SCA/SAST pipelines.
Familiar with secure coding principles and cloud platforms (AWS/Azure/GCP) and container orchestration.
Nice to Have Skills & Experience
Certifications: OSCP, OSWE, OSEP, GWAPT, CISSP, CEH, CREST, or relevant mobile/AI security certifications.
Benefit packages for this role will start on the 1st day of employment and include medical, dental, and vision insurance, as well as HSA, FSA, and DCFSA account options, and 401k retirement account access with employer matching. Employees in this role are also entitled to paid sick leave and/or other paid time off as provided by applicable law.