CNA Insurance

Senior Security Engineer Platform AI Security

CNA Insurance  •  $72k - $141k/yr  •  Chicago, IL (Onsite)  •  7 hours ago
Apply
Save Job
Mark Applied Mark Interviewed Mark Offered
Hide Job Report Job
AI can make mistakes so check important info. Chat history is never stored.

Job Description

You have a clear vision of where your career can go. And we have the leadership to help you get there. At CNA, we strive to create a culture in which people know they matter and are part of something important, ensuring the abilities of all employees are used to their fullest potential.

The Senior Security Engineer, Platform Security Tooling & AI is a hands-on technical contributor embedded within the Platform Security team, responsible for the implementation, operationalization, and ongoing optimization of selected AI security technologies across CNA's enterprise. This role is the primary driver of moving AI security tools from selection through full production deployment — ensuring they are effectively integrated, adopted, and sustained within CNA's security ecosystem.

In addition to implementation ownership, this role leads comparative vendor analysis and technology vetting, delivering structured, evidence-based assessments that inform platform selection decisions. The Senior Security Engineer partners closely with the SOC, Threat Management, Detection Engineering, Security Advisory, Cloud Security, Application Security, IAM, and Data Security teams to ensure AI security platforms are operationalized in a way that is practical, scalable, and aligned with enterprise security objectives.

Essential Duties & Responsibilities

Implementation & Operationalization

  • Own the end-to-end implementation of selected AI security technologies, from deployment planning through production rollout and steady-state operations.
  • Develop and execute operationalization plans for AI security platforms, including integration with existing security tools, workflows, and processes (e.g., SIEM, EDR, SOAR, PAM).
  • Define and maintain operational runbooks, standard operating procedures, and configuration baselines for deployed AI security technologies.
  • Partner with the SOC, Detection Engineering, and Threat Management teams to ensure AI security capabilities are fully utilized and tuned to CNA's environment.
  • Oversee managed service partners and vendors supporting deployed platforms, holding them accountable to SLAs and quality standards.
  • Monitor deployed platforms for performance, effectiveness, and emerging gaps, driving continuous improvement post-implementation.

Vendor Evaluation & Comparative Analysis

  • Lead structured comparative analysis of candidate AI security technology vendors, evaluating solutions against defined security, operational, and business requirements.
  • Develop and maintain evaluation criteria, scoring frameworks, and RFI/RFP documentation for AI security tooling.
  • Design and execute hands-on proofs of concept, technical pilots, and benchmarking exercises to validate vendor claims and assess real-world fit.
  • Produce clear, evidence-based vendor assessment reports with actionable recommendations for platform selection decisions.
  • Track the AI security vendor landscape, emerging capabilities, and competitive developments to inform the team's long-term tooling roadmap.

Cross-Functional Collaboration & Enablement

  • Serve as the Platform Security team's technical liaison to the AI Governance review process, providing the implementation and operationalization perspective on AI security initiatives.
  • Partner with Risk, Legal, and AI Governance teams to ensure deployed AI security technologies meet compliance and regulatory requirements.
  • Apply industry standards and frameworks (e.g., NIST AI RMF, MITRE ATT&CK, OWASP Top 10 for LLMs, MITRE ATLAS) to implementations and vendor evaluations.
  • Mentor and support team members on AI security platform capabilities, implementation best practices, and operational procedures.
  • Communicate implementation status, vendor findings, and platform health to leadership in clear, accessible terms.

Reporting Relationship

Typically reports to a Director; works in close coordination with the AI Security team, AI Governance, and other Security domain leads.

Skills, Knowledge & Abilities

  • Deep working knowledge of enterprise security platforms including SIEM, EDR, SOAR, and PAM technologies, with hands-on experience implementing and operationalizing these tools at enterprise scale.
  • Strong understanding of AI/ML and GenAI security concepts as they apply to security tooling — including risks introduced by AI-enabled systems and best practices for securing AI workloads.
  • Demonstrated experience conducting structured vendor evaluations, comparative analyses, and technology assessments, including RFI/RFP development and proof-of-concept execution.
  • Ability to develop operational runbooks, configuration baselines, and implementation plans for complex security platforms.
  • Solid understanding of cloud security (AWS, Azure, Google Cloud) and secure configurations relevant to AI workloads.
  • Strong vendor and managed service partner management skills, including driving performance and escalation resolution.
  • Ability to translate technical findings into clear, actionable recommendations for both technical peers and senior leadership.
  • Excellent analytical, problem-solving, and communication skills, with the ability to manage multiple concurrent initiatives.
  • Ability to respond effectively to urgent escalations and incidents related to deployed platforms.

Education & Experience

  • Bachelor's Degree required; relevant technical disciplines preferred.
  • 10+ years of overall technology experience, with significant depth in information security and security platform implementation and operationalization.
  • 1–2 years of hands-on experience with AI-enabled or AI-adjacent security technologies in an enterprise environment.
  • Proven track record of leading technology vendor evaluations and comparative analyses.
  • Hands-on experience with public cloud environments (AWS, Azure, Google Cloud).
  • Relevant certifications preferred (CISSP, CCSP, GIAC, Splunk, or AI/cloud security credentials).
  • Insurance or financial services experience preferred.

#LI-Hybid

#LI-DM1

I n certain jurisdictions, CNA is legally required to include a reasonable estimate of the compensation for this role. In District of Columbia,California, Colorado, Connecticut, Illinois, Maryland, Massachusetts, New York and Washington, the national base pay range for this job level is $72,000 to $141,000 annually. Salary determinations are based on various factors, including but not limited to, relevant work experience, skills, certifications and location. CNA offers a comprehensive and competitive benefits package to help our employees – and their family members – achieve their physical, financial, emotional and social wellbeing goals. For a detailed look at CNA’s benefits, please visit cnabenefits.com

CNA is committed to providing reasonable accommodations to qualified individuals with disabilities in the recruitment process. To request an accommodation, please contactleaveadministration@cna.com

CNA Insurance

About CNA Insurance

CNA is one of the largest U.S. commercial property and casualty insurance companies. Backed by more than 125 years of experience, CNA provides a broad range of standard and specialized insurance products and services for businesses and professionals in the U.S., Canada and Europe.

Industry
Finance & Insurance
Company Size
5,001-10,000 employees
Headquarters
Chicago, Illinois
Year Founded
Unknown
Website
cna.com
Social Media