Senior AI Cloud Security Engineer

Posted:
7/14/2026, 3:00:20 AM

Location(s):
Toronto, Ontario, Canada ⋅ Massachusetts, United States ⋅ Ontario, Canada ⋅ Boston, Massachusetts, United States

Experience Level(s):
Senior

Field(s):
DevOps & Infrastructure ⋅ IT & Security ⋅ Software Engineering

Workplace Type:
Remote

Pay:
$107k–$154k/yr

A Senior AI Cloud Security Engineer is responsible for building, automating, and enforcing security controls across cloud infrastructure and AI platforms. This role focuses on engineering secure-by-default systems, integrating security into development workflows, and protecting enterprise AI initiatives.

This job description is not a comprehensive listing of all job duties required for this role. We reserve the right to change these duties or assign additional duties at any time with or without notice.

Work location: Toronto - Canada or Boston - USA

Work arrangement: Hybrid - 3 days in office, 2 days from Home;

Remote working option is not available.

Position Responsibilities:

The Security AI Cloud Security Engineer is responsible for designing, implementing, and automating security controls across cloud and AI environments, ensuring secure-by-default architecture, continuous compliance, and protection against evolving threats. This includes:

  • Implement and operate AI Security Posture Management (AI SPM) solutions, including Cloud security posture management to continuously assess, detect, and remediate risks across AI and cloud environments

  • Secure AI and Generative AI workloads, including model pipelines, training data, inference APIs, and LLM integrations against threats such as prompt injection, data leakage, model abuse, and adversarial attacks

  • Design and implement AI SPM controls to provide visibility into AI assets, monitor model usage and access patterns, enforce security guardrails, and manage AI risks across the full lifecycle

  • Embed security into CI/CD and MLOps pipelines (DevSecOps) using automated controls such as SAST/DAST, IaC scanning, secrets detection, and compliance enforcement gates

  • Develop and maintain security policies and policy-as-code frameworks (e.g., Azure Policy) to enforce governance, regulatory compliance, and responsible AI usage

  • Engineer monitoring, detection, and response capabilities for cloud and AI systems, integrating telemetry with SIEM/SOAR platforms for centralized visibility and automated response

  • Perform security testing and validation across cloud, application, API, and AI layers, including AI-specific scenarios such as prompt injection and model misuse prior to production deployment

  • Automate security operations through scripting and tooling (e.g., Python, PowerShell) to improve efficiency, scalability, and consistency of controls

  • Conduct risk assessments, threat modeling, and security reviews for cloud infrastructure and AI systems to identify vulnerabilities and implement mitigation strategies

  • Collaborate with AI teams, and security stakeholders to drive secure-by-design architectures and enable scalable, governed AI adoption

    • Additional Engineering responsibilities:

    • Triage and analyze findings from security tools including AI SPM platforms, IaC scanners, CSPM, and vulnerability management tools, ensuring timely prioritization and remediation across cloud and AI environments

    • Research and stay current on emerging security standards, AI security trends, threat vectors, and vulnerabilities, including risks specific to Generative AI, LLMs, and ML systems

    • Hands-on Experience With AI security tools, and Understanding of LLM and AI-specific threats.

    • Develop, document, and disseminate security guidelines, remediation playbooks, and hardened baselines for both cloud and AI systems

    • Collaborate with Penetration Testing teams to perform security assessments across cloud platforms and AI systems, including adversarial testing, prompt injection simulations, and AI misuse scenarios

    • Partner with Security Operations (SOC) and Incident Response teams to ensure effectiveness of preventive, detective, and responsive controls for cloud and AI environments

    • Implement and tune monitoring and detection controls for cloud infrastructure and AI systems, and support response to AI-related threats such as model abuse or data leakage

    • Build and maintain automation to streamline security tasks, testing, validation workflows, and remediation processes across cloud and AI pipelines

    • Configure, integrate, and maintain security tools and technologies, for AI SPM solutions, Model and Agent security solution, , ensuring comprehensive coverage across cloud and AI workloads

    • Continuously evaluate and recommend proactive security improvements based on evolving cloud and AI threat landscapes, including enhancements to AI governance and security posture

    • Provide guidance to engineering and AI teams on secure AI development practices, responsible AI usage, and compliance with AI governance frameworks

    Required Qualifications:

    • Minimum 7-8 years IT industry experience

    • Minimum 5+ years of experience in cloud and security engineering, with strong hands-on expertise in Azure or similar cloud platforms

    • Required experience in AI Security and AI SPM, including securing AI and Generative AI systems and managing risks such as prompt injection, data leakage, and model abuse

    • Proven experience with CSPM, CWP, and IaC and implementing secure cloud architectures

    • Strong understanding of DevSecOps practices, including CI/CD security, SAST/DAST, IaC scanning, and automation (Python/PowerShell)

    • Experience developing and enforcing security policies and policy-as-code frameworks aligned with standards like NIST, ISO, and CIS

    • Knowledge of security monitoring, SIEM/SOAR, and incident response for cloud and AI environments

    • Experience with security testing, threat modeling, and risk assessments

    • Strong collaboration and communication skills, with the ability to work across cloud, AI, and security teams

    • Skills:

    • Cloud Security

    • AI posture management

    • AI Runtime Security

    • AI Model Security

    • AI Agent Security

    • Cloud Configuration Management

    • Risk Management

    • Security Monitoring

    • Security Frameworks

    • Encryption Techniques

    • Network Security

    • Regulatory Compliance

    Preferred Qualifications:

    • Bachelor's degree of higher in Software Engineering or Computer Science is desired

    When you join our team:

    • We’ll empower you to learn and grow the career you want.

    • We’ll recognize and support you in a flexible environment where well-being and inclusion are more than just words.

    • As part of our global team, we’ll support you in shaping the future you want to see.

    For hiring in Boston - USA, Base Salary range: $107,450 USD - $153,500 USD (mid-point) - $199,550 USD

    The role being advertised is an existing vacancy.

    About Manulife and John Hancock

    Manulife Financial Corporation is a leading international financial services provider, helping people make their decisions easier and lives better. To learn more about us, visit https://www.manulife.com/en/about/our-story.html.

    Manulife is an Equal Opportunity Employer

    At Manulife/John Hancock, we embrace our diversity. We strive to attract, develop and retain a workforce that is as diverse as the customers we serve and to foster an inclusive work environment that embraces the strength of cultures and individuals. We are committed to fair recruitment, retention, advancement and compensation, and we administer all of our practices and programs without discrimination on the basis of race, ancestry, place of origin, colour, ethnic origin, citizenship, religion or religious beliefs, creed, sex (including pregnancy and pregnancy-related conditions), sexual orientation, genetic characteristics, veteran status, gender identity, gender expression, age, marital status, family status, disability, or any other ground protected by applicable law.

    It is our priority to remove barriers to provide equal access to employment. A Human Resources representative will work with applicants who request a reasonable accommodation during the application process. All information shared during the accommodation request process will be stored and used in a manner that is consistent with applicable laws and Manulife/John Hancock policies. To request a reasonable accommodation in the application process, contact [email protected].

    Referenced Salary Location

    CAN, Ontario, Toronto, 250 Bloor Street East

    Working Arrangement

    Hybrid

    Salary range is expected to be between

    $113,000.00 CAD - $163,000.00 CAD

    Employees also have the opportunity to participate in incentive programs and earn incentive compensation tied to business and individual performance. The actual salary will vary depending on local market conditions, geography and relevant job-related factors such as knowledge, skills, qualifications, experience, and education/training. If you are applying for this role outside of the primary location, please contact [email protected] for the salary range for your location.

    Manulife offers eligible employees a wide array of customizable benefits, including health, dental, mental health, vision, short- and long-term disability, life and AD&D insurance coverage, adoption/surrogacy and wellness benefits, and employee/family assistance plans. We also offer eligible employees various retirement savings plans (including pension and a global share ownership plan with employer matching contributions) and financial education and counseling resources. Our generous paid time off program in Canada includes holidays, vacation, personal, and sick days, and we offer the full range of statutory leaves of absence. If you are applying for this role in the U.S., please contact [email protected] for more information about U.S.-specific paid time off provisions.

    We use data and analytics technologies, such as artificial intelligence (AI), and automated processing tools, to analyze and process the information you provide to us or third parties in the application process. For more information, please refer to our personal information collection statement.