AI Security Architect & Red Team Lead

University of TorontoToronto, ON
CA$120,499 - CA$200,831Onsite

About The Position

The University of Toronto is seeking an AI Security Architect & Red Team Lead to establish and drive the university’s adversarial testing capability for AI systems. This is a foundational hire: a self-directed professional who will build the AI red teaming function from the ground up, define its strategy, and serve as the university’s primary authority on AI-specific security threats. Reporting to the Chief Information Security and Digital Trust Officer, the AI Security Architect & Red Team Lead will operate with significant autonomy, independently assessing the AI threat landscape, identifying what the university needs, and coming back to senior leadership with clear, actionable recommendations. This role is not about managing a large team; it is about being the expert who shapes the university’s approach to AI security testing, builds the internal checks and balances required for responsible AI deployment, and manages relationships with third-party red teaming providers. The ideal candidate has a clear vision for how AI red teaming should work in a complex, decentralized environment like a major research university, can work independently with minimal direction, and communicates findings and recommendations directly to senior & executive leadership including the Chief Information Security and Digital Trust Officer.

Requirements

  • Bachelor’s degree in Computer Science, Cybersecurity, Data Science, or a related field.
  • Equivalent combination of education and experience will be considered.
  • Minimum 5 years of experience in cybersecurity and/or application architecture.
  • At least 3 years focused on AI/ML security, adversarial testing, or red teaming.
  • Demonstrated experience leading or conducting adversarial testing of AI systems, including LLMs and/or agentic AI applications.
  • Proven track record of managing third-party security vendors, including scoping engagements, evaluating deliverables, and holding providers accountable.
  • Experience working independently to define and build a security program or capability from scratch.
  • Experience communicating technical security findings and recommendations to senior non-technical leadership.
  • Deep understanding of LLM architectures, transformer models, prompt engineering, and common AI attack vectors (injection, evasion, poisoning, extraction).
  • Proficiency in Python and familiarity with adversarial ML libraries and frameworks (ART, PyRIT, Garak, TextAttack, CleverHans).
  • Knowledge of agentic AI systems, MCP (Model Context Protocol), RAG architectures, and multi-agent orchestration.
  • Strong understanding of AI security frameworks: NIST AI RMF, NIST AI 600-1, MITRE ATLAS, OWASP LLM Top 10, and OWASP Agentic Top 10.
  • Familiarity with SIEM/SOAR platforms, CI/CD pipeline security, and infrastructure security fundamentals.
  • Strong understanding of Canadian data protection regulations (PIPEDA, provincial privacy legislation, emerging federal AI regulation), ISO/IEC 42001, and ISO/IEC 27001.
  • Familiarity with the EU AI Act as a framework alignment reference for international best practice.
  • Familiarity with AI observability and tracing platforms (e.g., Langfuse, LangSmith, Arize Phoenix, AgentOps) and model artifact scanning tools (e.g., Protect AI ModelScan, HiddenLayer), sufficient to evaluate solutions, define requirements, and red team monitoring coverage.
  • Familiarity with MCP security scanning tools, MCP gateway architectures, and agent-level audit logging for tool-use governance.
  • Self-starter who thrives with autonomy and can independently determine priorities and next steps without close supervision.
  • Strong strategic thinking, able to see the big picture of AI security risk and translate it into a concrete, phased plan.
  • Excellent written and verbal communication skills, with the ability to brief senior executives and produce polished reports.
  • Comfort operating in a complex, decentralized environment where influence, persuasion, and relationship-building are as important as technical expertise.
  • Adversarial mindset paired with ethical judgment and integrity.

Nice To Haves

  • Master’s degree preferred.
  • Relevant certifications: OSCP, GIAC (GPEN, GXPN), CEH, CISM, or AI-specific certifications are preferred.
  • Experience in higher education, research institutions, or public-sector environments is preferred.
  • Experience with deepfake detection, multimodal AI security, or AI-generated content forensics is preferred.
  • Experience building or contributing to open-source AI security tools is preferred.
  • Experience evaluating or adversarially testing AI guardrail frameworks and PII protection tools (e.g., NVIDIA NeMo Guardrails, Guardrails AI, Microsoft Presidio, Meta Llama Guard, Lakera Guard) is preferred.
  • Knowledge of data classification frameworks and AI-specific Data Loss Prevention (DLP) strategies, including NLP-based entity recognition for sensitive data detection and masking.
  • Published research or conference presentations in AI security, adversarial ML, or related fields is preferred.

Responsibilities

  • Establish and drive the university’s adversarial testing capability for AI systems.
  • Build the AI red teaming function from the ground up.
  • Define the strategy for AI red teaming.
  • Serve as the university’s primary authority on AI-specific security threats.
  • Independently assess the AI threat landscape.
  • Identify the university's needs in AI security.
  • Provide clear, actionable recommendations to senior leadership.
  • Shape the university’s approach to AI security testing.
  • Build internal checks and balances for responsible AI deployment.
  • Manage relationships with third-party red teaming providers.
  • Communicate findings and recommendations directly to senior & executive leadership.
© 2026 Teal Labs, Inc
Privacy PolicyTerms of Service