RAND Corporation
AI and Information Security Analyst
RAND Corporation, San Francisco, California, United States, 94199
RAND Corporation
RAND is a nonprofit institution that helps improve policy and decisionmaking through research and analysis. RAND focuses on the issues that matter most such as health, education, national security, international affairs, the environment, and more.RAND's Meselson Center, part of the Global and Emerging Risks (GER) division, is seeking mission-driven cybersecurity experts to address critical challenges at the intersection of AI, information security, and national security. As an AI and Information Security Analyst, you'll directly impact AI and cybersecurity policy at the highest levels of government and industry, contributing to the security and integrity of powerful AI systems.Your work will address key questions related to securing AI systems, understanding their cyber capabilities, and examining their policy implications. Your work will span technical research, policy analysis, and infrastructure development. For example, you might develop AI-specific threat models, build software tools for AI cyber capability evaluations, or identify critical areas for new security R&D.RAND's reputation for excellence is built on our commitment to high-quality, rigorous analysis and objectivity. In this role, you will apply quantitative and qualitative skills to rigorously analyze AI security problems of national and international importance. Working with multidisciplinary teams of policy researchers, engineers, and scientists, you’ll shape recommendations for the White House, multiple regulatory agencies, the intelligence community, other national governments, and industry.You will communicate the results of your work to both technical and non-technical audiences through quick-turnaround policy briefs and detailed written research products. A recent example of one of our research products is the Securing AI Model Weights report, which explored protecting frontier AI models from theft and misuse.This role offers a unique opportunity to drive key policy decisions, ensuring the responsible development and deployment of powerful AI technologies.Responsibilities
AI & Information Security Analysts will use their technical skills and experience in AI, machine learning, data science, information security, and computer science to:Develop AI-specific threat models and recommendations for risk mitigationExecute evaluations and red-teaming exercisesContribute to the development of research approaches that answer complex questions at the intersection of AI, information security, and policyApply a broad range of analytically rigorous, quantitative and/or qualitative research methodsCreate tooling and software to support the above effortsTranslate and communicate results to varied audiences ranging from security professionals to public policymakers at all levels through written products and oral presentationsQualifications
All analyst positions at RAND require excellent analytic skills; the ability to communicate clearly and effectively in English, both orally and in writing; the ability to work effectively as a member of a multi-disciplinary team; and a strong commitment to RAND's core values of quality and objectivity.Successful applicants will be able to present strong evidence of quantitative and/or qualitative research tools, methods, and technical skills to support large and complex projects; accomplishment with leading or managing large and complex project tasks or analytic tasks; contributions to written research projects, technical reports, and briefings; and training and technical supervision to less experienced staff.Required
2+ years of technical experience in security engineering, software engineering, firmware engineering, hardware engineering, or related fieldsProficiency in Python, Java, C/C++, or other popular programming languagesAbility to develop rigorous and comprehensive threat models and identify potential system vulnerabilitiesStrong ability to communicate effectively in English, both verbally and in writingAbility to work effectively as a member of a multi-disciplinary teamAbility to reason about policy options given different technical considerationsPreferred
Graduate of the Computer Network Operations Development Program (CNODP), Remote Interactive Operator Training (RIOT), Future Operator Readiness Growth and Enrichment (FORGE), or equivalent experienceExperience with reverse engineering, red team operations, or offensive cyber capabilities developmentUnderstanding of advanced persistent threat (APT) tactics, techniques, and procedures (TTPs) and experience with defending against themAbility to think creatively about offensive and/or defensive techniques and strategies, beyond compliance with existing regulationsFamiliarity with U.S. cybersecurity agencies, authorities, and policy development processesExperience working in or with government on cybersecurity policyExperience with advising non-technical stakeholders on security topicsFamiliarity with the AI/ML hardware stack (e.g. GPUs, TPUs, data center design)Familiarity with the AI/ML software stack (e.g. CUDA, PyTorch, TensorFlow, Ray)Experience working on AI research, ML model training, or model deploymentExperience with securing AI systemsEducation Requirements
A master’s degree in Computer Science, Computer Engineering, Electrical Engineering, Cybersecurity, Information Security, Information Technology, Mathematics, Applied Mathematics, Physics, Applied Physics, Engineering Physics, Artificial Intelligence, Machine Learning, Engineering and Public Policy, Technology and Policy, National Security Policy, Policy Analysis, Political Science, International Relations, or similar is required.OrA bachelor’s degree in Computer Science, Computer Engineering, Electrical Engineering, Cybersecurity, Information Security, Information Technology, Mathematics, Applied Mathematics, Physics, Applied Physics, Engineering Physics, or similar with at least 10 years of relevant professional experience, is required. Relevant professional experience to meet these requirements should demonstrate the applicant’s ability to execute analytically rigorous methods related to information security.Security Clearance
Ability to obtain and maintain a U.S. government clearance is preferred but not required.Location
We are actively hiring for this position in San Francisco, CA, as well as our RAND offices in Washington, DC; Santa Monica, CA; Pittsburgh, PA; and Boston, MA. We offer a hybrid work arrangement, combining work from home and on-site options. Fully remote work will also be considered.Writing Sample
A writing sample is required for this position. This sample can use a recent, previously written paper or technical report (e.g., journal article, master’s thesis or paper written for coursework, research project, technical analysis, briefings).Applicants with work experience in which they have not produced written products (e.g., ML model development), or in which written products have dissemination restrictions, may submit a short, written summary (i.e., less than one page) of recent products they have developed.Term
This position is a 2-year term position with the possibility of renewal for an additional year alongside options for longer term employment. RAND's ability to provide visa and relocation support for this role will be considered.Salary Range:
$52,000 - $192,100Analyst I: $52,000 - $71,500Analyst II: $62,400 - $85,800Analyst III: $88,000 - $121,000Analyst IV: $99,200 - $143,900Analyst V: $125,900 - $192,100Hiring ranges for Technical Analysts are slightly higher than the ranges shown.RAND considers a variety of factors when formulating an offer, including but not limited to, the specific role and associated responsibilities; a candidate’s work experience, education/training, skills, expertise; and internal equity. Successful candidates will be offered employment in a specific title, as determined by the candidate's education and experience. The salary range includes base pay plus RAND’s sabbatic pay (which provides additional compensation above base pay when vacation is taken). In addition, RAND provides strong benefits including health insurance coverage, life and disability insurance, savings plan, paid time-off and more.Equal Opportunity Employer: race/color/religion/sex/sexual orientation/gender identity/national origin/disability/vet
#J-18808-Ljbffr
RAND is a nonprofit institution that helps improve policy and decisionmaking through research and analysis. RAND focuses on the issues that matter most such as health, education, national security, international affairs, the environment, and more.RAND's Meselson Center, part of the Global and Emerging Risks (GER) division, is seeking mission-driven cybersecurity experts to address critical challenges at the intersection of AI, information security, and national security. As an AI and Information Security Analyst, you'll directly impact AI and cybersecurity policy at the highest levels of government and industry, contributing to the security and integrity of powerful AI systems.Your work will address key questions related to securing AI systems, understanding their cyber capabilities, and examining their policy implications. Your work will span technical research, policy analysis, and infrastructure development. For example, you might develop AI-specific threat models, build software tools for AI cyber capability evaluations, or identify critical areas for new security R&D.RAND's reputation for excellence is built on our commitment to high-quality, rigorous analysis and objectivity. In this role, you will apply quantitative and qualitative skills to rigorously analyze AI security problems of national and international importance. Working with multidisciplinary teams of policy researchers, engineers, and scientists, you’ll shape recommendations for the White House, multiple regulatory agencies, the intelligence community, other national governments, and industry.You will communicate the results of your work to both technical and non-technical audiences through quick-turnaround policy briefs and detailed written research products. A recent example of one of our research products is the Securing AI Model Weights report, which explored protecting frontier AI models from theft and misuse.This role offers a unique opportunity to drive key policy decisions, ensuring the responsible development and deployment of powerful AI technologies.Responsibilities
AI & Information Security Analysts will use their technical skills and experience in AI, machine learning, data science, information security, and computer science to:Develop AI-specific threat models and recommendations for risk mitigationExecute evaluations and red-teaming exercisesContribute to the development of research approaches that answer complex questions at the intersection of AI, information security, and policyApply a broad range of analytically rigorous, quantitative and/or qualitative research methodsCreate tooling and software to support the above effortsTranslate and communicate results to varied audiences ranging from security professionals to public policymakers at all levels through written products and oral presentationsQualifications
All analyst positions at RAND require excellent analytic skills; the ability to communicate clearly and effectively in English, both orally and in writing; the ability to work effectively as a member of a multi-disciplinary team; and a strong commitment to RAND's core values of quality and objectivity.Successful applicants will be able to present strong evidence of quantitative and/or qualitative research tools, methods, and technical skills to support large and complex projects; accomplishment with leading or managing large and complex project tasks or analytic tasks; contributions to written research projects, technical reports, and briefings; and training and technical supervision to less experienced staff.Required
2+ years of technical experience in security engineering, software engineering, firmware engineering, hardware engineering, or related fieldsProficiency in Python, Java, C/C++, or other popular programming languagesAbility to develop rigorous and comprehensive threat models and identify potential system vulnerabilitiesStrong ability to communicate effectively in English, both verbally and in writingAbility to work effectively as a member of a multi-disciplinary teamAbility to reason about policy options given different technical considerationsPreferred
Graduate of the Computer Network Operations Development Program (CNODP), Remote Interactive Operator Training (RIOT), Future Operator Readiness Growth and Enrichment (FORGE), or equivalent experienceExperience with reverse engineering, red team operations, or offensive cyber capabilities developmentUnderstanding of advanced persistent threat (APT) tactics, techniques, and procedures (TTPs) and experience with defending against themAbility to think creatively about offensive and/or defensive techniques and strategies, beyond compliance with existing regulationsFamiliarity with U.S. cybersecurity agencies, authorities, and policy development processesExperience working in or with government on cybersecurity policyExperience with advising non-technical stakeholders on security topicsFamiliarity with the AI/ML hardware stack (e.g. GPUs, TPUs, data center design)Familiarity with the AI/ML software stack (e.g. CUDA, PyTorch, TensorFlow, Ray)Experience working on AI research, ML model training, or model deploymentExperience with securing AI systemsEducation Requirements
A master’s degree in Computer Science, Computer Engineering, Electrical Engineering, Cybersecurity, Information Security, Information Technology, Mathematics, Applied Mathematics, Physics, Applied Physics, Engineering Physics, Artificial Intelligence, Machine Learning, Engineering and Public Policy, Technology and Policy, National Security Policy, Policy Analysis, Political Science, International Relations, or similar is required.OrA bachelor’s degree in Computer Science, Computer Engineering, Electrical Engineering, Cybersecurity, Information Security, Information Technology, Mathematics, Applied Mathematics, Physics, Applied Physics, Engineering Physics, or similar with at least 10 years of relevant professional experience, is required. Relevant professional experience to meet these requirements should demonstrate the applicant’s ability to execute analytically rigorous methods related to information security.Security Clearance
Ability to obtain and maintain a U.S. government clearance is preferred but not required.Location
We are actively hiring for this position in San Francisco, CA, as well as our RAND offices in Washington, DC; Santa Monica, CA; Pittsburgh, PA; and Boston, MA. We offer a hybrid work arrangement, combining work from home and on-site options. Fully remote work will also be considered.Writing Sample
A writing sample is required for this position. This sample can use a recent, previously written paper or technical report (e.g., journal article, master’s thesis or paper written for coursework, research project, technical analysis, briefings).Applicants with work experience in which they have not produced written products (e.g., ML model development), or in which written products have dissemination restrictions, may submit a short, written summary (i.e., less than one page) of recent products they have developed.Term
This position is a 2-year term position with the possibility of renewal for an additional year alongside options for longer term employment. RAND's ability to provide visa and relocation support for this role will be considered.Salary Range:
$52,000 - $192,100Analyst I: $52,000 - $71,500Analyst II: $62,400 - $85,800Analyst III: $88,000 - $121,000Analyst IV: $99,200 - $143,900Analyst V: $125,900 - $192,100Hiring ranges for Technical Analysts are slightly higher than the ranges shown.RAND considers a variety of factors when formulating an offer, including but not limited to, the specific role and associated responsibilities; a candidate’s work experience, education/training, skills, expertise; and internal equity. Successful candidates will be offered employment in a specific title, as determined by the candidate's education and experience. The salary range includes base pay plus RAND’s sabbatic pay (which provides additional compensation above base pay when vacation is taken). In addition, RAND provides strong benefits including health insurance coverage, life and disability insurance, savings plan, paid time-off and more.Equal Opportunity Employer: race/color/religion/sex/sexual orientation/gender identity/national origin/disability/vet
#J-18808-Ljbffr