Job Description

Some careers shine brighter than others.
If you're looking for a career that will help you stand out, join HSBC, and fulfil your potential. Whether you want a career that could take you to the top, or simply take you in an exciting new direction, HSBC offers opportunities, support and rewards that will take you further.
HSBC is one of the largest banking and financial services organizations in the world, with operations in 64 countries and territories. We aim to be where the growth is, enabling businesses to thrive and economies to prosper, and, ultimately, helping people to fulfil their hopes and realize their ambitions.
We are currently seeking an experienced professional to join our team in the role of Senior Consultant Specialist
Key Responsibilities:

• Design Python services/libraries for real-time guardrails at inference gateways, agent frameworks, and tools.
• Implement detection/defense for: Jailbreak, prompt injection, indirect prompt injection, model hijacking, retrieval poisoning.
• PII detection, redaction, masking, tokenization; support entity-level validation (e.g., Luhn for cards).
• Toxicity, hate/abuse, harassment, self-harm, sexual content, extremism, illegal content, medical/financial misinformation.
• Data Loss Prevention (DLP): sensitive document detection, source tagging, outbound filtering, safe tool-use and retrieval.
• Privacy/Compliance: HIPAA/PCI/PII controls, right-to-be-forgotten flows, purpose limitation.
• Hallucination checks: factuality, citation/grounding enforcement, source-attribution.
• Copyright/safety policy checks, brand safety, IP filtering.
• Safety policy orchestration: allow/deny/escalate with human-in-the-loop.
• Build evaluation pipelines and test harnesses: Automated red-teaming and adversarial input suites; scenario coverage for jailbreak and injection.
• Precision/recall, F1, ROC/AUC for classifiers; false-positive/false-negative tracking; policy regression tests.
• Latency, throughput, cost per token/call; tail-latency analysis; SLO/SLA adherence.
• Drift monitoring: data, model, and behavior drift; safety KPI trends.
• Factuality/grounding metrics: citation rate, source match, contradiction rates.
• Agent-specific evaluations: tool-use safety, step-level audits, goal completion, error propagation, recovery behavior.
• Human review loops and rubric scoring; inter-rater reliability.
• Integrate observability: Guardrail hit rates, block/allow/escalate counts, severity classification.
• Safety incidents, near-misses, and auto-mitigation signals.
• Distributed tracing for guardrail decisions; audit logs and evidence storage.
• Collaborate with AI/ML, Security, and Platform teams to integrate guardrails into orchestration layers, retrieval pipelines, RAG components, and agent toolchains.
• Maintain policy catalogs, incident runbooks, and rapid update mechanisms.

To be successful in this role you should meet the following requirements

• Bachelor's degree in Computer Science/Engineering
• 8+ years software engineering with strong Python expertise.
• Proven experience building AI safety/security guardrails: jailbreak/prompt injection defenses, PII detection/redaction, toxicity filtering, DLP, data masking/tokenization.
• Hands-on with NLP/ML stacks: PyTorch/TensorFlow, Hugging Face, spaCy, Presidio, scikit-learn; pattern recognizers and post-processing validation.
• Experience with agent frameworks (LangChain/LlamaIndex/Custom) and tool-use safety, role/policy enforcement, output evaluation.
• Solid understanding of LLM vulnerabilities, retrieval safety for RAG, content safety policies, privacy/security controls, and evaluation methodologies.
• MLOps: MLflow, Ray, Kubernetes/Docker, model registries, feature stores.
• Cloud (AWS/GCP/Azure) and security services (KMS/Secrets Managers/DLP).
• Red-teaming and synthetic adversarial data generation; safety policy test automation.
• OpenTelemetry/Prometheus/Grafana for safety and performance dashboards.
• Data governance, PII catalogs, masking/tokenization, lineage, and consent management.
• Regulatory familiarity: GDPR, CCPA, HIPAA, PCI-DSS, SOC2.
• Experience with retrieval safety (document classifiers, provenance checks, watermarking).
• Production experience with APIs/microservices, observability (logs/metrics/traces), CI/CD, and security best practices.
• Good to have hands-on Experience on Docker, Kubernetes, Kafka and Google Cloud
• Good to have hands-on experience in Django & Angular is good-to-have.
• Good to have knowledge of Microservices based architecture and patterns.
• Good to have knowledge of cloud concepts and cloud architecture, different types of cloud computing (preferably GCP).
• Good to have knowledge of DevOps principles & tools like GitHub/Jenkins, Jira, Confluence, Ansible..

You'll achieve more when you join HSBC.
HSBC is committed to building a culture where all employees are valued, respected and opinions count. We take pride in providing a workplace that fosters continuous professional development, flexible working, and opportunities to grow within an inclusive and diverse environment. Personal data held by the Bank relating to employment applications will be used in accordance with our Privacy Statement, which is available on our website.
Issued by - HSBC Software Development India.

Skills Required