Posted Jul 13, 2026

AI Security Engineer (GRC)

Apply for this Position →

Founded in 1977 as the Senior Care Action Network, SCAN began with a simple but radical idea: that older adults deserve to stay healthy and independent. That belief was championed by a group of community activists we still honor today as the “12 Angry Seniors.” Their mission continues to guide everything we do.

Today, SCAN is a nonprofit health organization serving more than 500,000 people across Arizona, California, Nevada, New Mexico, Texas, and Washington, with over $8 billion in annual revenue. With nearly five decades of experience, we have built a distinctive, values-driven platform dedicated to improving care for older adults.

Our work spans Medicare Advantage, fully integrated care models, primary care, care for the most medically and socially complex populations, and next-generation care delivery models. Across all of this, we are united by a shared commitment: combining compassion with discipline, innovation with stewardship, and growth with integrity.

At SCAN, we believe scale should strengthen—not dilute—our mission. We are building the future of care for older adults, grounded in purpose, accountability, and respect for the people and communities we serve.

The Job

The AI Security Engineer (GRC) serves as the organization's dedicated subject matter expert at the intersection of artificial intelligence and cybersecurity within a regulated healthcare environment. This role is responsible for evaluating AI vendors and technologies, establishing and enforcing secure AI implementation standards, and providing hands-on guidance to development and engineering teams adopting AI platforms such as Microsoft Copilot Studio, Azure AI Foundry, Snowflake Cortex, Claude Code, and other large language model (LLM)-powered tooling.

Operating within the HIPAA-regulated landscape, this analyst will ensure AI integrations — including Model Context Protocol (MCP) servers, agentic workflows, command-line interfaces (CLIs), APIs, and third-party AI extensions — are architected and deployed in a manner consistent with NIST AI RMF, HITRUST, and organizational security policies. The role acts as a trusted advisor, security gatekeeper, and enabler for responsible AI adoption across the enterprise.

You Will

1. AIVendor & Technology Evaluation

  • Lead structured security assessments of AI vendors, platforms, and tools prior to organizational adoption or renewal

  • Evaluate vendor data handling practices, model trainingtransparencyanddata residency

  • Assess the security posture of AI platforms including:

  • Microsoft Copilot Studio — plugin trust boundaries, connector authentication, Power Platform DLP policies

  • Azure AI Foundry — model deployment pipelines, private endpoint configuration, managed identity usage

  • Snowflake Cortex — data access controls in AI-generated SQL, Snowpark security, role-based privilege enforcement, Cortex function access policies, and query result exposure risks

  • Claude Code & Anthropic APIs — system prompt injection risks, tool use / agentic permissions, data retention settings

  • GitHub Copilot, Cursor, and other AI-assisted development tools — code telemetry and secret leakage exposure

  • Produce written Vendor Security Assessment Reports (VSARs) including risk ratings, compensating controls, and recommendations

  • Maintain an AI technology registry with risk classifications and review cadence schedules

2. SecureAI Implementation Guidance for Development Teams

  • Serve as the embedded security advisor to software engineering, data science, and clinical informatics teams adopting AI tooling

  • Define and enforce secure-by-default configurations for AI development environments and agentic systems

  • Review and approve MCP server configurations, ensuring:

  • Tool definitions follow least-privilege principles — no excessive file system, network, or shell access

  • Server authentication uses OAuth 2.0 /mTLSand does not rely on static API keys stored in plaintext

  • Transport layer security (TLS 1.2+) is enforced on all MCP server communications

  • Prompt injection attack surfaces areidentifiedand mitigated in tool descriptions and system prompts

  • Logging and audit trails are enabled for all MCP tool invocations touching PHI or sensitive data

  • Establish CLI security standards for AI-assisted development tools (Claude Code CLI, GitHub Copilot CLI, Azure Developer CLI), including credential hygiene, shell history scrubbing, and token scope minimization

  • Conduct secure code review for AI integration code — with focus on prompt injection, insecure deserialization, and unsafe agentic action chains

  • Develop andmaintaina library of reference architectures, secure configuration templates, and implementation checklists for approved AI platforms

3. AIRisk Management & Compliance

  • Maintainthe organization's AI Risk Register aligned with NIST AI RMF (Govern, Map, Measure, Manage)

  • Ensure AI deploymentscomply withHIPAA Security Rule (45 CFR §164), HITECH Act obligations, and applicable state privacy laws

  • Conduct AI-specific Threat Modeling (STRIDE / PASTA) and red-team exercises targeting:

  • Prompt injection and jailbreak scenarios

  • Indirect prompt injection via external data sources (email, documents, web retrieval)

  • Model inversion and membership inference attacks on fine-tuned healthcare models

  • Data exfiltration through agentic tool chains

  • Track emerging AI threats and threat actor TTPs relevant to healthcare AI systems via MITRE ATLAS and sector ISACs

  • Participate in AI governance committee meetings and contribute AI security perspectives to organizational AI policies

4. SecurityIntegration Reviews

  • Review AI integration architectures for network segmentation, data flow, and trust boundary enforcement

  • Validate that PHI is never transmitted to external AI models without de-identification or explicit BAA coverage

  • Assess retrieval-augmented generation (RAG) architectures for unauthorized data access and embedding extraction risks

  • Evaluate agentic AI workflows and multi-agent orchestration systems for privilege escalation and uncontrolled action chains

  • Provide security sign-off on AI infrastructure as part of the Change Advisory Board (CAB) process

5. Training, Awareness & Policy

  • Develop AI security training curricula for developers, data engineers, clinical staff, and IT personnel

  • Author andmaintainAI security policiesincluding:Acceptable Use of Generative AI, AI Vendor Onboarding Standards, MCP and Agentic System Security Policy, and Sensitive Data Handling in AI Contexts

  • Publish internal guidance and threat intelligence briefings tailored to clinical and technical audiences

Your Qualifications

What's in it for you?

We're always looking for talented people to join our team! Qualified applicants are encouraged to apply now!

At SCAN we believe that it is our business to improve the state of our world. Each of us has a responsibility to drive Equality in our communities and workplaces. We are committed to creating a workforce that reflects our community through inclusive programs and initiatives such as equal pay, employee resource groups, inclusive benefits, and more.

SCAN is proud to be an Equal Employment Opportunity and Affirmative Action workplace. Individuals seeking employment will receive consideration for employment without regard to race, color, national origin, religion, age, sex (including pregnancy, childbirth or related medical conditions), sexual orientation, gender perception or identity, age, marital status, disability, protected veteran status or any other status protected by law. A background check is required.

Equal Opportunity Employer/Protected Veterans/Individuals with Disabilities

The contractor will not discharge or in any other manner discriminate against employees or applicants because they have inquired about, discussed, or disclosed their own pay or the pay of another employee or applicant. However, employees who have access to the compensation information of other employees or applicants as a part of their essential job functions cannot disclose the pay of other employees or applicants to individuals who do not otherwise have access to compensation information, unless the disclosure is (a) in response to a formal complaint or charge, (b) in furtherance of an investigation, proceeding, hearing, or action, including an investigation conducted by the employer, or (c) consistent with the contractor’s legal duty to furnish information. 41 CFR 60-1.35(c)

Originally posted on