Job Description

job summary:
*** Please only apply if you,re local to NJ and can go onsite in Mount Laurel 4 days a week ***

SUMMARY OF THE ROLE: IAM Engineer-AI We are seeking an AI IAM & Infrastructure Sr. Engineer to be a key technical leader, bridging the gap between cutting-edge AI innovation and our core IAM framework. Your mission will be to drive forward- looking security strategies and engineering solutions for Generative AI and LLM platforms, while specializing in leveraging AI security capabilities to augment and fortify existing enterprise solutions. Key Responsibilities: Research, Evaluation, and Design This role is primarily focused on providing AI Security/IAM Infrastructure solutions, researching, assisting in designing, and implementing solutions that mitigate gaps in security/IAM controls, and support leadership strategy and road maps. You will be responsible for conducting proof-of-concepts (PoC's) for new security technologies and protocols, and support hardening efforts to protect our mission-critical assets deployed across Azure, Google Cloud, and On-Premises environments. 1. Advanced Protocol and Application Security Generative AI Protocols: Evaluate and secure emerging standards for multi-agent workflows, such as the Agent-to-Agent (A2A) and Model Context Protocol (MCP). Threat Modeling: Support threat modeling exercises for new AI applications and pipelines to proactively identify design flaws and adversarial attack vectors (e.g., prompt injection paths). Mitigation Solutions: Support the design, build, and testing of security controls to mitigate common AI/ML attacks as outlined by frameworks like the OWASP Top 10 for LLM Applications, Mitre Atlas. 2. Access, Identity, and Cloud Controls IAM Design/implementation: Define and implement security designs for Identity and Access Management (IAM), specializing in securing non-human identities, service principles, and cross-cloud access. API Security: Own the security strategy for all AI service consumption, including hardening of API Gateways and securing authentication flows (e.g., OAuth 2.0/OIDC) for model endpoints. Secrets Management: Design and PoC the secure storage, injection, and rotation of confidential data (API keys, model weights, database credentials) using solutions like Azure Key Vault and GCP Secret Manager in support of AI Security Infrastructure initiatives. AI Cloud Hardening: Establish security configuration baselines, AI IAM framework, and network segmentation (e.g., Private Link, VPC Service Controls) for AI-specific cloud resources on Azure and GCP. 3. Collaboration and Strategy Translation AI Red Team Support: Provide essential infrastructure security expertise and tooling to support the AI Red Team program, helping them build secure testing environments and validate attack findings. Translation to Production: Collaborate with IAM, DevOps, Governance, Vulnerability Management, and Platform Engineering partners to translate successful security PoC's and designs into robust, production- ready solutions and Infrastructure as Code (IaC) controls. - Typical Day-to-Day Responsibilities - How much time is being spent in meetings - Who are they interacting with (internal/external) - Will the contractor have access to any customer data? MUST-HAVE Hard Skills: Technical Skills 1.Cloud KMS & Crypto - KMS concepts (GCP KMS, Azure Key Vault, HSM vs software keys) - Enveloping encryption patterns - full Key lifecycle experience: create → rotate → revoke → audit - IAM bindings at the key / key-ring level (not just project/subscription) & BYOK / CMEK integrations. 2. Non-Human Identity & Workload Identity -huge for agentic AI. - Service accounts / managed identities - Workload Identity Federation (OIDC) - Token exchange flows (STS) - Least-privilege scoping for automation and agents 3. Policy-as-Code & Guardrails for Low-code development + AI IAM guardrails - Terraform modules (inputs → opinionated defaults) - policy engines (OPA, Sentinel, Azure Policy) - Preventing key misuse via design/AI IAM framework module 4. Low-Code / Integration Fluency/AI - Azure Data Factory - Logic Apps / Power Automate - Notebook-driven pipelines (Databricks, Vertex) - agents build experience (planner + tools + memory) - Tool invocation patterns - understanding of Prompt/tool separation vs credential access - Experience with Vault and cloud KMS together (multi cloud environment experience) - Event-driven automation (Pub/Sub, Event Grid) - Exposure to AI platform security reviews and implementation

 
location: Mount Laurel, New Jersey
job type: Contract
salary: $90 - 95 per hour
work hours: 8am to 5pm
education: No Degree Required

responsibilities:
Key Responsibilities: Research, Evaluation, and Design

This role is primarily focused on providing AI Security/IAM Infrastructure solutions, researching, assisting

in designing, and implementing solutions that mitigate gaps in security/IAM controls, and support

leadership strategy and road maps. You will be responsible for conducting proof-of-concepts (PoC's) for

new security technologies and protocols, and support hardening efforts to protect our mission-critical

assets deployed across Azure, Google Cloud, and On-Premises environments.

1. Advanced Protocol and Application Security

Generative AI Protocols: Evaluate and secure emerging standards for multi-agent workflows, such as the

Agent-to-Agent (A2A) and Model Context Protocol (MCP).

Threat Modeling: Support threat modeling exercises for new AI applications and pipelines to proactively

identify design flaws and adversarial attack vectors (e.g., prompt injection paths).

Mitigation Solutions: Support the design, build, and testing of security controls to mitigate common AI/ML

attacks as outlined by frameworks like the OWASP Top 10 for LLM Applications, Mitre Atlas.

2. Access, Identity, and Cloud Controls

IAM Design/implementation: Define and implement security designs for Identity and Access Management

(IAM), specializing in securing non-human identities, service principles, and cross-cloud access.

API Security: Own the security strategy for all AI service consumption, including hardening of API

Gateways and securing authentication flows (e.g., OAuth 2.0/OIDC) for model endpoints.

Secrets Management: Design and PoC the secure storage, injection, and rotation of confidential data

(API keys, model weights, database credentials) using solutions like Azure Key Vault and GCP Secret

Manager in support of AI Security Infrastructure initiatives.

AI Cloud Hardening: Establish security configuration baselines, AI IAM framework, and network

segmentation (e.g., Private Link, VPC Service Controls) for AI-specific cloud resources on Azure and

GCP.

3. Collaboration and Strategy Translation

AI Red Team Support: Provide essential infrastructure security expertise and tooling to support the AI

Red Team program, helping them build secure testing environments and validate attack findings.

Translation to Production: Collaborate with IAM, DevOps, Governance, Vulnerability Management, and

Platform Engineering partners to translate successful security PoC's and designs into robust, production-

ready solutions and Infrastructure as Code (IaC) controls.

qualifications:
MUST-HAVE Hard Skills:

Technical Skills

1.Cloud KMS & Crypto

- KMS concepts (GCP KMS, Azure Key Vault, HSM vs software keys)

- Enveloping encryption patterns

- full Key lifecycle experience: create → rotate → revoke → audit

- IAM bindings at the key / key-ring level (not just project/subscription) & BYOK / CMEK integrations.

2. Non-Human Identity & Workload Identity -huge for agentic AI.

- Service accounts / managed identities

- Workload Identity Federation (OIDC)

- Token exchange flows (STS)

- Least-privilege scoping for automation and agents

3. Policy-as-Code & Guardrails for Low-code development + AI IAM guardrails

- Terraform modules (inputs → opinionated defaults)

- policy engines (OPA, Sentinel, Azure Policy)

- Preventing key misuse via design/AI IAM framework module

4. Low-Code / Integration Fluency/AI

- Azure Data Factory

- Logic Apps / Power Automate

- Notebook-driven pipelines (Databricks, Vertex)

- agents build experience (planner + tools + memory)

- Tool invocation patterns

- understanding of Prompt/tool separation vs credential access

- Experience with Vault and cloud KMS together (multi cloud environment experience)

- Event-driven automation (Pub/Sub, Event Grid)

- Exposure to AI platform security reviews and implementation

Equal Opportunity Employer: Race, Color, Religion, Sex, Sexual Orientation, Gender Identity, National Origin, Age, Genetic Information, Disability, Protected Veteran Status, or any other legally protected group status.

At Randstad Digital, we welcome people of all abilities and want to ensure that our hiring and interview process meets the needs of all applicants. If you require a reasonable accommodation to make your application or interview experience a great one, please contact HRsupport@randstadusa.com.


Pay offered to a successful candidate will be based on several factors including the candidate's education, work experience, work location, specific job duties, certifications, etc. In addition, Randstad Digital offers a comprehensive benefits package, including: medical, prescription, dental, vision, AD&D, and life insurance offerings, short-term disability, and a 401K plan (all benefits are based on eligibility).

This posting is open for thirty (30) days.

Job Tags

Hourly pay, Contract work, Temporary work, For contractors, Work experience placement, Local area

Similar Jobs