AI Security & Resilience Experts - Contract (Outside IR35) Location: London / Hybrid - 2/3 days onsite Sector: UK Financial Services Rate: Competitive Market Rates (Role Dependent) IR35: Inside Day rate: up to £600 per day Length: 9 months All candidates must demonstrate: UK FinServ Compliance: Deep familiarity with DORA, FCA Operational Resilience, and the EU AI Act. AWS Bedrock Stack: Hands-on experience with Agents, Knowledge Bases, Guardrails, and model lifecycles. AI/ML Core: Mastery of FMs, RAG, tool-use, and non-deterministic agent logic. Security Frameworks: Proficiency in OWASP LLM Top 10 and NIST AI RMF. Role 1: Identity Expert Mission: Secure the "Human-to-Agent" and "Agent-to-Resource" identity chain. Key Tasks: Lead SPIFFE/SPIRE rollouts with AWS Roles Anywhere; harden OBO (On-Behalf-Of) flows. Security: Implement sender-constrained tokens (PoP) and JIT for non-human identities. Threats: Modelling for Confused Deputy and Federation Hijacks; ensuring full traceability per EU AI Act Art. 12 & 14. Role 2: Threat & Adversarial AI Expert Mission: Lead structured offensive modeling to identify systemic AI vulnerabilities. Key Tasks: Conduct STRIDE modeling and build attack trees for prompt injection and "Denial-of-Wallet" scenarios. Validation: Run scenario workshops to test real-world control effectiveness. Governance: Maintain an adversarial knowledg...