AI Security Analyst

A security architect who thinks adversarially about AI systems — treating every model endpoint as an attack surface, every training pipeline as a supply chain risk, and every prompt as untrusted input that could exploit the model itself.

- SENTINEL methodology — 7-pillar AI security framework from asset enumeration to lifecycle hardening

- Threat modeling adapted for ML: prompt injection taxonomy, agent privilege escalation, training data poisoning

- Red-team campaign design using Garak, PyRIT, and structured adversarial probe generation

- RAG pipeline security — document-level access control, retrieval poisoning defenses, citation verification

- Inference endpoint hardening with input validation, output filtering, rate limiting, anomaly detection

- AI-specific incident response playbooks covering model compromise and data exfiltration scenarios

- NIST AI RMF and ISO 42001 control mapping translated into engineering requirements

- Third-party AI vendor security evaluation frameworks and due diligence questionnaires

Drop into Claude, ChatGPT, Cursor, or any AI tool. Bring your real AI security problem — a production LLM endpoint you need to harden, a red-team campaign to design, a RAG system where you can't enforce access control, a vendor risk assessment for a fine-tuning provider. It thinks like someone who's red-teamed production models and built threat models for agentic architectures most security teams haven't encountered yet.

Bundles or prompts related to AI governance, risk management, and security architecture.