AI Security Analyst
AffiniPay
It's a new day with a new opportunity at 8am!
About the role:
The AI Security Analyst is a hybrid role combining security operations monitoring with AI-specific risk management and compliance support.
This position focuses on identifying, assessing, and mitigating risks associated with AI use (particularly generative AI and LLMs) across internal tools and customer-facing platforms, including prompt injection, data exposure, and model misuse, while contributing to traditional security monitoring.
The role does not involve building or training AI models but secures how AI is deployed, governed, monitored, and used within the organization.
About us:
At 8am, our vision is to power a world where professionals thrive. We start every day on a mission to empower professionals with the most trusted, innovative technology to deliver world-class outcomes for their clients and exceptional financial results for their business. They count on our purpose-built solutions to simplify operations, ensure compliance, and fuel profitable growth, so they can focus on their clients and do more of the work that matters.
Founded in 2005, 8am™ (formerly AffiniPay) is the professional business platform built to help legal, accounting, and other client-focused professionals run stronger, more profitable businesses. Today, more than 250,000 professionals across the U.S. trust 8am to help them work smarter, serve clients better, and unlock their full potential. We have been recognized as one of Inc 5000’s fastest growing companies in the U.S. for 13 years in a row, and as a result, our teams continue to grow as well!
What you'll do:
AI Security & Risk Management
- Identify and mitigate key AI-specific threats, including:
  - Prompt injection, jailbreaking, and adversarial inputs
  - Sensitive information disclosure (e.g., data leakage via inputs/outputs)
  - Insecure output handling and excessive agency
  - Model misuse, abuse, or overreliance
  - Supply chain vulnerabilities in third-party AI services/models
  - Inference-side attacks and exfiltration risks
- Partner with Engineering, Product, Legal, and Privacy teams to review AI use cases, conduct risk assessments, and recommend controls before production deployment.
- Evaluate third-party AI vendors and services for security posture.
- Develop, implement, and enforce technical and policy-based guardrails (e.g., input/output filtering, usage policies) for responsible AI adoption.
- Support AI-related incident response, investigation, and post-incident analysis.
Security Operations & Monitoring
- Perform SOC-style monitoring, alert triage, and investigation across cloud, application, and AI-enabled systems (including AI API usage and data flows).
- Enhance detection rules and logging for AI-specific activity.
- Contribute to threat modeling, particularly for AI integrations.
Compliance, Privacy & Governance Support
- Support audit readiness and compliance with:
  - SOC 2, PCI DSS, HIPAA (as applicable), ISO standards
  - Emerging AI frameworks (e.g., NIST AI RMF, ISO 42001, OWASP Top 10 for LLMs)
- Document AI security controls, risk assessments, and evidence for audits.
- Collaborate with Privacy and Compliance teams to align AI usage with data protection obligations.
- Monitor evolving AI regulations and translate them into actionable controls.
Cross-Functional Collaboration
- Serve as the go-to security advisor on AI initiatives, acting as an enabler of innovation.
- Educate stakeholders on AI risks, best practices, and secure usage patterns.
About you:
- 3–7 years of experience in information security, security operations, application security, or related fields.
- Working knowledge of:
- Familiarity with AI concepts, architectures, and common risks (e.g., OWASP Top 10 for LLMs).
- Experience supporting compliance/audit activities (SOC 2, PCI, HIPAA, ISO).
- Strong communication skills and ability to collaborate in a fast-paced SaaS environment.
- Demonstrated experience leveraging AI tools and technologies to improve workflows, enhance decision-making, or drive innovation.
Nice to Have:
- Hands-on experience securing AI/LLM applications or internal AI tools (e.g., guardrails, monitoring).
- Deep knowledge of AI governance frameworks (NIST AI RMF, ISO 42001).
- Background in SOC operations or regulated industries (fintech, payments, healthcare, legal tech).
- Experience with privacy/data protection controls in AI contexts.
Additional Information
The annual salary range for this position is $120,000 to $150,000. The salary range for performing this role outside of the US / Austin / California may differ. 8am is committed to offering competitive, fair and commensurate compensation and has provided an estimated pay range for this role. Actual compensation may vary based on job-related knowledge, skills, experience and education.
Why 8am:
At 8am, our culture is shaped by the people who bring it to life every day. Together, we build a company rooted in continuous learning, genuine community, holistic wellness, and meaningful engagement—values that empower us as individuals and unite us as a team. Our culture is grounded in our core values: Work Smart, Win Fast; Outshine Ordinary, and We Find a Way. These values drive how we serve our customers and work with each other in a collaborative, inspiring, and empowering environment, every day.
Here’s how we support our 8Team:
- Health Insurance Coverage: We offer our 8Team a variety of medical, dental, and vision plans, designed to fit your needs, including a 100% company-paid HDHP plan for employees.
- Financial perks: We offer a competitive compensation and benefits package including annual bonuses, equity options and 401(k) or RRSP if in Canada, with a company match for all team members.
- Time for what matters: Flexible Time Off, paid holidays, and a parental leave program for our new parents.
- Wellness: Wellness stipends, mental health support, and one-on-one nutrition coaching.
- Learning and Development: Continuous learning through 8am.edu, leadership programs, professional development funds, and individually focused talent development.
- Giving back to the communities around us: Participate in our charitable matching gift program, paid time off for volunteer service, and company-sponsored volunteer events (both local and virtual).
- Engagement: Virtual and in-person team-building events, quarterly award recognition through our Rise & Shine Award of Excellence Program, and our peer-to-peer appreciation platform.
At 8am, we don’t just offer benefits - we create an environment where people can thrive, grow, and make a real impact every day.
Diversity, equity & inclusion at 8am:
At 8am, we recognize that innovation occurs with a strong team of people who are diverse in background, personality, talent and ideas. Experience comes in many forms and ensuring a diverse and inclusive workplace where we continue to learn from each other is an integral part of our culture. We are committed to creating a welcoming and transparent environment for all that embraces those differences through education, equal access to opportunities and information, inclusionary programs, and community outreach.
Security advisory:
Our hiring teams at 8am are dedicated to recruiting top talent that share our passion for serving the professional services industry through innovative financial technology. As such, our Talent Acquisition Team only follows legitimate hiring practices. We will always communicate with our candidates using emails with the 8am domain and will never ask for sensitive/personal data during the application process. All interviews take place over phone call, Zoom/Google Meet or in person. All offers are communicated verbally by our Talent Acquisition Specialists with a written offer letter as a follow up.