AI Security Engineer
Company: EMCOR
Location: Norwalk, CT 06851 (Remote)
Salary: $134,000 - $171,000 a year
Type: Full-time
Remote: Yes
Posted: 2026-06-30
About this role
About Us:
A Fortune 500® company, EMCOR Group, Inc. (NYSE: EME) is a leader in mechanical and electrical construction, industrial and energy infrastructure, and building services. EMCOR companies plan, install, operate, maintain, and protect the sophisticated and dynamic systems that create facility environments—such as electrical, mechanical, lighting, air conditioning, heating, security, fire protection, and power generation systems—in virtually every sector of the economy and for a diverse range of businesses, organizations, and government.
Job Summary:
EMCOR Group, Inc. seeks an AI Security Engineer who will be responsible for securing the organization’s artificial intelligence capabilities—including GenAI systems, ML pipelines, model hosting, AI integrations, and AI-enabled business processes—through a combination of security architecture, governance, risk management, and hands-on engineering. This role designs and implements security controls to reduce risks such as prompt injection, data leakage, model exfiltration, supply-chain compromise, unauthorized use, and AI-driven abuse, while enabling safe adoption across the enterprise.
Essential Duties & Responsibilities:
- Adopt and maintain the Enterprise AI Security Reference Architecture
- Establish security patterns and guardrails for AI use cases including approved data sources, allowed tools, etc.
- Conduct threat modeling for AI systems and integrations and translate threats into technical controls
- Operationalize AI governance with EMCOR Legal and Risk
- Work with EMCOR Security Governance, Risk and Compliance (GRC) to maintain the AI risk assessment process
- Implement and maintain controls to prevent data leakage and sensitive information exposure in AI prompts, outputs, logs, and training sets
- Work with EMCOR Security Identity and Access Management (IAM) and GRC to deploy and tune protections like DLP, data classification, prompt and response filtering, RAG hardening and model endpoint security
...