AI System Architect

About Auralux Solutions LLC Auralux Solutions LLC is a boutique AI consulting firm specializing in on-premises, privacy-first AI deployments for small and mid-sized businesses. Our first priority is maintaining the security and privacy of our client data. About the Project We are seeking an independent contractor to conduct a formal security and architecture review of an AI chatbot system prior to expanding the deployment. Full technical details, architecture documentation, and source code access will be provided following NDA execution. Key Skills Required Python application security review LLM/RAG architecture familiarity Docker and Linux infrastructure auditing Database security (lightweight/embedded databases) Secure secrets and environment management Git repository hygiene and security Scope of Work The contractor will review and certify the following areas. Full technical documentation will be provided upon NDA execution. 1. Source Code Review General review of application code for security vulnerabilities, code quality, and adherence to Python best practices. 2. Security Assessment Secrets and credentials management Network exposure and service isolation Process and service configuration Dependency vulnerability audit Repository hygiene and sensitive data exposure risk 3. AI/RAG Architecture Review Retrieval pipeline logic and correctness Embedding and vector consistency Context injection strategy and prompt robustness against hallucination Conversation state and session management 4. Infrastructure Review Containerized service configuration and data persistence Service dependency and process management Logging configuration and hygiene 5. Data Privacy Review Confirmation that no customer PII is transmitted outside the local environment Data storage security and access permissions Data preprocessing and ingestion pipeline privacy compliance 6. Overall Architecture Review You are encouraged to provide recommendations on alternative or improved architectural approaches based on their experience with production AI systems. Suggestions for scalability, reliability, and security hardening are welcome. Deliverables Written findings report covering all five review areas above Severity-rated issue list (Critical / High / Medium / Low / Informational) Specific remediation recommendations for any findings Written certification statement confirming the system meets reasonable security standards for a production SMB deployment, suitable for sharing with the end client Must have Skills Demonstrated experience in Python application security code review Familiarity with LLM/RAG architectures and associated risks (prompt injection, hallucination, data leakage) Experience auditing Linux-hosted services and Docker deployments Understanding of data privacy requirements relevant to SMB environments (HIPAA, GDPR, SOC 2 awareness is a plus) Ability to produce a clear, professional written report suitable for sharing with a non-technical business client 3-5 years of experience in the areas of software development, AI model implementation, RAG, and security hardening of AI systems Nice to Have Prior experience with Qdrant, Ollama, or similar local AI infrastructure Familiarity with RingCentral APIs Experience with pip-audit, bandit, or similar Python security tooling