The team fosters a collaborative environment and is building a best-in-class program to partner with the business to protect the Firm’s information and computer systems. Millennium is a complex and robust technical environment and securing the Firm from external and internal threats is a top priority.

Responsibilities

• Define and implement security guardrails for Generative AI, LLMs, and Agentic frameworks, ensuring safe enterprise adoption.
• Conduct specialized threat modeling, red teaming, and risk assessments for AI/ML models (e.g., testing for prompt injection, model theft, and data poisoning).
• Lead risk management activities, including application risk assessments, design reviews, and mitigation strategies for IT projects.
• Engage throughout the SDLC to identify vulnerabilities, conduct code reviews/penetration testing, and enforce secure coding standards.
• Evangelize AppSec and AI security best practices through developer education, training materials, and outreach.
• Design robust security architectures and integrate automated security testing (SAST/DAST/SCA) into CI/CD pipelines.
• Partner with Technology, Trading, Legal, and Compliance to create policies and communicate technical risks to non-technical stakeholders.

Qualifications

• Bachelor's degree or higher in Computer Science, Computer Engineering, IT Security or related field.
• 5+ years’ experience working as an Application Security Engineer, Software Engineer, or similar role.
• Deep understanding of AI-specific risks (OWASP Top 10 for LLMs) and experience securing applications utilizing LLMs.
• Experience working with AI models, Agentic frameworks and security risks associated with AI.
• Experience in working with global teams, collaborating on code and presentations.
• Demonstrated work experience in hybrid on-premise and Public Cloud environments (AWS/GCP/Azure)
• Strong understanding of security architectures, secure configuration principles/coding practices, cryptography fundamentals and encryption protocols.
• Experience with common SCM & CI/CD technologies like GitHub, Jenkins, Artifactory, etc. and integrating Security Scanning and Vulnerability Management into the CI/CD Pipelines
• Familiarity with static and dynamic security analysis tools, and SCA/SBOM solutions.
• Hands on experience with Secrets Management & Password Vault technologies such as Delinea Secret Server and/or Hashicorp Vault, etc.
• Strong experience in secure programming in languages such as Python, Java, C++, C#, or similar.
• Familiarity with Infrastructure as Code tools (CloudFormation, Terraform, Ansible, etc.)
• Familiarity with web application security testing tools and methodologies.
• Knowledge of various security frameworks and standards such as ISO 27001, NIST, OWASP, etc.
• Knowledge of Linux, OS internals and containers is a plus.
• Certifications like CISSP, CISM, CompTIA Security+, or CEH are advantageous.

XML job scraping automation by YubHub

The successful candidate will have a proven understanding in enterprise security and AI security and will focus on defining and implementing security guardrails for Generative AI, LLMs, and Agentic frameworks, ensuring safe enterprise adoption.

Key responsibilities include:

• Defining and implementing security guardrails for Generative AI, LLMs, and Agentic frameworks
• Conducting specialized threat modeling, red teaming, and risk assessments for AI/ML models
• Leading risk management activities, including application risk assessments, design reviews, and mitigation strategies for IT projects
• Engaging throughout the SDLC to identify vulnerabilities, conduct code reviews/penetration testing, and enforce secure coding standards
• Evangelizing AppSec and AI security best practices through developer education, training materials, and outreach

Qualifications include:

• Bachelor's degree or higher in Computer Science, Computer Engineering, IT Security or related field
• 5+ years' experience working as an Application Security Engineer, Software Engineer, or similar role
• Deep understanding of AI-specific risks (OWASP Top 10 for LLMs) and experience securing applications utilizing LLMs
• Experience working with AI models, Agentic frameworks and security risks associated with AI
• Experience in working with global teams, collaborating on code and presentations

Preferred qualifications include:

• Demonstrated work experience in hybrid on-premise and Public Cloud environments (AWS/GCP/Azure)
• Strong understanding of security architectures, secure configuration principles/coding practices, cryptography fundamentals and encryption protocols
• Experience with common SCM & CI/CD technologies like GitHub, Jenkins, Artifactory, etc. and integrating Security Scanning and Vulnerability Management into the CI/CD Pipelines
• Familiarity with static and dynamic security analysis tools, and SCA/SBOM solutions
• Hands on experience with Secrets Management & Password Vault technologies such as Delinea Secret Server and/or Hashicorp Vault, etc.
• Strong experience in secure programming in languages such as Python, Java, C++, C#, or similar
• Familiarity with Infrastructure as Code tools (CloudFormation, Terraform, Ansible, etc.)
• Familiarity with web application security testing tools and methodologies
• Knowledge of various security frameworks and standards such as ISO 27001, NIST, OWASP, etc.
• Knowledge of Linux, OS internals and containers is a plus
• Certifications like CISSP, CISM, CompTIA Security+, or CEH are advantageous

We offer a competitive salary and benefits package, as well as opportunities for professional growth and development.

XML job scraping automation by YubHub

Your responsibilities will include developing self-service security frameworks and 'paved roads' that allow engineering teams to ship secure code by default. You will focus on automated guardrails for common vulnerabilities, while prioritising deep-dive design reviews into complex business logic and data isolation issues. You will also partner with product and engineering teams to review designs early, contribute to threat modelling for new features and complex initiatives, and provide clear, actionable security guidance.

You will research emerging threats and evolving best practices, specifically regarding AI and LLM safety, and implement controls to secure these workflows. You will manage and evolve our approach to external penetration testing and bug bounties, driving remediation for findings and treating vulnerability management as an engineering problem.

You will contribute to the long-term roadmaps, metrics, and strategic planning for the security team. As a senior member of the team, you will lead complex threat modelling sessions for major product launches and define secure coding standards, and actively mentor other engineers to raise the technical security bar across the organisation.

We are looking for a highly experienced Product Security Engineer with a strong background in computer science or a related field, and proficiency in writing clean, maintainable code. You should have deep familiarity with JavaScript or TypeScript, Node.js, and modern web application frameworks, and be able to reason about the security implications of systems built on them. You should also have hands-on experience securing LLM integrations and identifying prompt injection or data leakage risks.

You will excel at communicating complex security risks to non-security stakeholders and enjoy collaborating cross-functionally to find solutions that balance security with engineering velocity. You will be comfortable working in a fast-paced environment, navigating ambiguity, continuously learning about emerging threats and technologies, and contributing to long-term security strategy.

XML job scraping automation by YubHub

We are looking for a FBS Associate Data Scientist to join our team. As a FBS Associate Data Scientist, you will utilize basic knowledge to apply analytics and modeling techniques to improve business results. You will perform routine assignments and leverage customer information and behavioral data to influence strategic business decisions while using analytics, multi-variate models, machine learning and data mining technologies.

Responsibilities

• Utilize conceptual knowledge of consumer analytics including retention models, agency economics, and lead optimization in your daily work.
• Utilize basic knowledge of programming, ETL and modeling methods to execute projects and assist the team through examples of good technical skills.
• Execute on low-complexity business challenges involving data science.
• Succeed in projects by utilizing a data science vision for project success, and accomplish successfully within prescribed timelines.
• Execute on routine projects with a sense of urgency.
• Contribute to development of presentations.
• Occasionally communicate complex technical material understandable to non-technical associates.
• Execute basic to intermediate model deployments via established MLOps techniques.
• Work with analytics and IT teams to deploy models/rules.

Requirements

• 1+ years of experience working in a Data environment
• Basic knowledge of data analysis, manipulation tools such as Python.
• Understanding on statistics in modeling side.
• Strong verbal communication and listening skills.
• Demonstrated written communication skills.
• Demonstrated time management and priority setting skills. with some guidance.
• Developing ability to consult on data extraction, data manipulation and data design for statistical, modeling and monitoring needs with guidance.
• Able to adapt quickly to new technologies.

Nice to have

• Proficiency working on large-scale structured and unstructured multidimensional data using conceptual knowledge of open-source cloud-enabled analytical programming languages.
• Basic proficiency in predictive and prescriptive modeling using advanced machine learning and deep learning techniques.
• Conceptual knowledge of ML/AI model deployment best practices.
• Conceptual knowledge of coding standards and version control (Git).

Benefits

This position comes with a competitive compensation and benefits package.

• A competitive salary and performance-based bonuses.
• Comprehensive benefits package.
• Flexible work arrangements (remote and/or office-based).
• You will also enjoy a dynamic and inclusive work culture within a globally renowned group.
• Private Health Insurance.
• Paid Time Off.
• Training & Development opportunities in partnership with renowned companies.

XML job scraping automation by YubHub