Senior AI Security Engineer [EOR]

Credit Acceptance is proud to be an award\-winning company with workplace recognition in multiple categories! Our world\-class culture is shaped by dedicated Team Members who share a drive to succeed as professionals and together as a company. A great product, amazing people and our stable financial history have made us one of the largest used car finance companies in the United States.

In this role, you will work as a dedicated member of a globally distributed team, partnering closely with business partners in the U.S. to design, build, and scale solutions that directly impact our customers and operations. While your legal employer will be our EoR partner, you will be fully integrated into our Credit Acceptance team for day\-to\-day work and collaboration.

The AI Security Engineer is responsible for securing artificial intelligence (AI) and machine learning (ML) technologies across Credit Acceptance. This role partners closely with engineering, data science, product, and business teams to enable safe and compliant adoption of AI, while managing emerging risks related to data privacy, model integrity, misuse, and regulatory compliance.

This position focuses on embedding security into AI systems by design, including agentic and autonomous AI systems, by providing hands‑on technical guidance, developing standards and guardrails, and supporting teams as they integrate AI capabilities into products and business processes.

• *Outcomes and Activities:**

• Partner with engineering and data science teams to design and review AI architectures, including agentic and multi‑agent systems, for security, privacy, and regulatory compliance.
• Perform security reviews of AI/ML systems, including model lifecycle, data pipelines, inference APIs, agent orchestration layers, and third‑party AI services.
• Identify and mitigate risks such as:

+ Data leakage and model exploitation

+ Prompt injection and indirect prompt manipulation

+ Agent autonomy risks (over‑permissioned agents, unsafe tool use, uncontrolled action execution)

+ Insecure model deployment and inference exposure

• Support threat modeling and risk assessments for AI and agent‑driven workflows, assisting teams in implementing practical mitigations.

Governance, Standards, and Policy

• Contribute to and operationalize AI and agentic AI security standards, guidelines, and secure design patterns used across the company.
• Evaluate AI platforms, agent frameworks, and vendors to ensure alignment with security, privacy, and compliance requirements.
• Support responsible AI practices related to explainability, oversight, auditability, and controlled autonomy, in collaboration with legal, compliance, and risk partners.

Collaboration \& Advisory

• Act as a trusted security advisor to teams adopting AI, LLM‑based agents, and workflow‑oriented AI systems.
• Participate in design reviews and working sessions focused on secure AI and agent deployment.
• Provide guidance on secure use of generative AI, internal AI platforms, and agent‑based tools interacting with company systems and data.

Continuous Improvement

• Stay current on AI and agentic AI security threats, vulnerabilities, and best practices.
• Recommend improvements to tooling, processes, and controls to strengthen AI security posture.
• Contribute to internal documentation, training materials, and security enablement related to AI and agent usage.

• *Competencies:**

• Customer Empathy: Customer Empathy is the ability to understand the perspectives, pain points, and experiences of customers. It involves actively putting oneself in the customer's shoes, comprehending their needs and challenges, and using that understanding to provide a better, more customer\-centric experience.
• Engineering Excellence: Engineering Excellence is about bringing great craftsmanship and thought leadership to deliver an outstanding product that delights customers and solves for the business. This involves the pursuit and achievement of high standards, best practices, innovation, and superior solutions.
• One Team: A One Team mindset refers to a collaborative approach across the organization, where individuals work together seamlessly, without boundaries, as a single, cohesive team. Shared goals, open communication and mutual support create a sense of collective purpose. This enables teams to navigate challenges and pursue shared objectives more effectively.
• Owner's Mindset: Owner's Mindset involves adopting a set of behaviors that reflect a sense of responsibility, accountability, strategic thinking, and a proactive approach to managing your domain. As an owner, you understand the business and your domain(s) deeply and solve for the right outcome for the domain(s) and the business.

• *Required:**

• Bachelor’s Degree or equivalent experience
• 5\+ years of experience in application security, cloud security, or product security.
• 2 \+ years of experience in AI security

• *Preferred:**

• Experience securing AI/ML systems, LLM‑based agents, or generative AI platforms.
• Familiarity with risks unique to agentic AI, such as excessive autonomy, privilege escalation through tools, and unsafe action execution.
• Experience with cloud platforms (e.g., AWS, Azure, GCP) and containerized environments.
• Knowledge of regulatory and governance considerations related to AI and automated decision systems.
• Experience embedding security into software development workflows (DevSecOps).

• *Knowledge and Skills:**

• Strong understanding of modern software development practices and architectures.
• Working knowledge of AI/ML concepts, including data pipelines, model training, inference, and deployment.
• Understanding of agentic AI patterns, including tool‑using agents, workflow orchestration, and autonomous decision‑making systems.
• Familiarity with threat modeling, security testing, and risk assessment techniques.
• Ability to communicate security risks and recommendations clearly to both technical and non‑technical audiences.

• *CTC Range:** ₹ 37,99,593 \- ₹ 55,72,735

• *Total Compensation (CTC):** Final CTC will be shared during the offer stage and will include all compensation components in detail as per EOR vendor's structure.

Final compensation within the range is influenced by many factors including role\-specific skills, depth and experience level, industry background, relevant education and certifications.

• *This role is hired through an Employer of Record (EoR) partner in India.**

• You will be legally employed in India through our EoR partner
• While your legal employer is the EoR partner, you will work full\-time and be fully aligned to Credit Acceptance
• Your day\-to\-day work, responsibilities, and performance expectations will be consistent with our global team members
• You will receive locally compliant payroll, benefits, and statutory coverage through the EoR partner

• *Our Company Values:**

To be successful in this role, Team Members need to be

• Positive by maintaining resiliency and focusing on solutions.
• Respectful by collaborating and actively listening.
• Insightful by cultivating innovation, accumulating business and role specific knowledge, demonstrating self\-awareness and making quality decisions.
• Direct by effectively communicating and conveying courage.
• Earnest by taking accountability, applying feedback and effectively planning and priority setting.

• *Expectations:**

• Regularly overlap with U.S. business hours to support collaboration with global team members.
• Remain compliant with our policies, processes and guidelines
• All other duties as assigned
• Attendance as required by department