Job Description
Director, AI Security Automation Engineering
Program Manager
Bethesda, MD
ABOUT PRISM:
PRISM is devoted to modernization and innovation within the world of technology, security, and IT enterprise solutions. We are recognized for meeting performance requirements and exceeding customer expectations since 1994. Our culture is founded on relationships, opportunity, and success. Offering comprehensive benefit plans including medical, dental, vision, and 401K along with our people-first approach sustains our reputation as a premier employer.
PRISM Inc. is seeking a Director, AI Security Automation Engineering to support a large enterprise client. In this role, you will be responsible for transforming how our enterprise conducts security reviews for AI systems. This role is tasked with replacing ad hoc, manual assessments with repeatable, AI-assisted, graph-informed review operations at global scale.
KEY RESPONSIBILITIES
Security Review Process Standardization:
Design and operationalize review archetype templates for modern AI deployment patterns (e.g., agentic AI, conversational platforms, IoT+AI, and enterprise SaaS AI). Develop deployment-paradigm-specific intake questionnaires that auto-route to dynamic control checklists.
Throughput Engineering:
Define review complexity weighting models with strict cycle time targets. Establish acceptance criteria and measurable throughput metrics—cycle time, queue depth, completion rate, and rework rate—and own the operational dashboards that track them.
AI-Assisted Assessment Automation:
Architect and deliver LLM-powered security assessment capabilities, including automated threat model generation from architecture descriptions, control-to-architecture mapping, risk recommendation engines, and cross-review pattern recognition. Design automated intake and triage pipelines with intent classification and complexity scoring integrated via workflow APIs.
Pattern Graph and Knowledge Architecture:
Build and maintain a security pattern graph ontology—a labeled property graph connecting patterns, controls, components, threats, standards, and impact tiers into a queryable knowledge graph. Implement graph-based tooling for gap analysis traversals and compliance queries across AI risk classifications.
Control Mapping and Evidence Pipelines:
Build repeatable control mapping patterns linking security controls to review findings. Develop OSCAL-aligned evidence packaging pipelines that connect review findings to control attestations in machine-readable form for automated compliance reporting.
Governance Pipeline Optimization:
Map and optimize the full security review governance pipeline from intake through architecture review boards to production authorization. Drive process alignment with global regulatory frameworks (including EU AI Act obligations) regarding risk classification and quality management system traceability.
Cross-Functional Coordination:
Partner with platform engineering teams on review intake automation, authorization lifecycle integration, and evidence collection API contracts. Coordinate with assurance and risk teams on risk scoring and independent verification handoff criteria.
REQUIRED QUALIFICATIONS (EDUCATION/SKILLS):
Education:
Master's or Ph.D. in Computer Science, Cybersecurity, Information Systems, or a related STEM field (or equivalent enterprise experience).
Core Experience:
10+ years designing, building, and operating complex data models, knowledge graphs, or system architectures requiring structured reasoning over large rule sets or compliance taxonomies.
Security Experience:
2+ years in cybersecurity, security architecture, or security risk management with hands-on exposure to security assessments, threat modeling, or control mapping in highly regulated or large-scale enterprise environments.
Automation Track Record:
Demonstrated experience applying AI/ML to automate security, compliance, or GRC workflows at enterprise scale—not just using AI tools, but actively building them.
Process Transformation:
Proven track record of converting manual, unscalable review processes into repeatable, metrics-driven, AI-assisted operations with measurable throughput improvements.
Communication:
Strong interpersonal skills, with the ability to brief senior executives on pipeline metrics, present threat models to technical review boards, and coordinate across privacy, engineering, and legal teams.
PRISM is an Equal Opportunity/Affirmative Action employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, veteran status, or any other protected class.