AI Security Architect- Dallas onsite

About The Position

Requirements

• 7+ years in cybersecurity architecture with proven experience securing large-scale LLM deployments and multi-agent workflows.
• 5+ years of hands-on capability with agent frameworks (e.g., LangChain, LangGraph, AutoGen) and MLOps platforms.
• 3 to 5 years of Deep familiarity with model risk management principles and AI security standards.
• Compliance with Client’s responsible AI principles and Acceptable Use policy.
• Adherence to data residency, privacy (GDPR, HIPAA where applicable), and 21 CFR Part 11 controls where in scope.
• Third-party risk assessment and SOC 2 Type II (or equivalent) certification.
• Disclosure of subcontractors and offshore delivery locations.
• Disclosure of model providers, training data practices, and any use of client data for model improvement (opt-out required).

Responsibilities

• Define strict Role-Based Access Control (RBAC) and least-privilege models for AI agents using identity systems (e.g., Entra Agent ID).
• Design runtime environments with restricted permissions to prevent manipulated agents from accessing unauthorized APIs, data sources, or executing malicious toolchains.
• Implement defenses against adversarial attacks, prompt injections, jailbreaking, and sensitive data leakage (DLP) across agent workflows.
• Architect logging and monitoring standards to map how reasoning agents use data and call APIs, eliminating "black box" decisions.
• Monitor models and prompt templates in production to detect behavioral drift, anomalies, and poisoning or evasion attacks.
• Design LLM-driven and agentic workflows to improve alert triage, contextual correlation, false-positive filtering, and playbook automation.
• Establish remediation strategies and threat-hunting procedures for AI-specific events (e.g., compromised model artifacts, hallucination-driven exploits).
• Map AI-specific controls to established standards like the NIST AI RMF, OWASP Top 10 for LLMs, and GDPR.
• Build audit pipelines that track and explain everything an agent does to satisfy ongoing AI regulatory compliance and governance requirements.
• Define and maintain AI security reference architectures for multiple AI deployment patterns, including MCP / Agentic AI and LLM application stacks (RAG, tools/plugins, agents, orchestration).
• Establish and evolve security requirements, patterns, and guardrails across the AI/ML SDLC (design → build → run), including secure pipelines and platform controls.
• Own AI security architecture decisions across critical domains: identity, secrets, data protection, network controls, tenancy boundaries, logging/telemetry, and isolation for training/inference.
• Design and deploy controls to ensure model integrity and governance, including RBAC/ABAC for models, feature stores, data sets, registries, and evaluation artifacts.
• Build/enable technical mechanisms for provenance, attestation, signing, and approval workflows (where applicable) across datasets, models, prompts, and deployments.
• Drive implementation of runtime protections for AI services (abuse prevention, rate limiting, input/output validation, prompt-injection mitigations, model endpoint hardening, and monitoring).
• Conduct and lead AI/ML-specific threat modeling (data poisoning, model evasion, extraction, inversion, supply-chain, prompt attacks), translate findings into actionable backlogs, and drive remediation.
• Define and run security design reviews for AI initiatives; provide clear, pragmatic architecture guidance and document exceptions with risk acceptance paths.
• Establish AI security testing approaches (adversarial testing, red-teaming enablement, evaluation security, misuse/abuse cases) and integrate into delivery pipelines.
• Design and deliver AI security tooling to improve and automate cybersecurity posture (e.g., controls coverage, policy-as-code, detection engineering, vulnerability management integration, incident response playbooks for AI-specific events).
• Define logging/monitoring standards and detection use-cases for AI platforms and LLM apps (drift signals, anomalous access, suspicious prompt patterns, exfiltration indicators, policy violations).
• Act as the team’s technical mentor: coach engineers through designs, implementations, and trade-offs; raise engineering quality via reviews, pairing, and knowledge sharing.
• Lead by influence across Data Science, Engineering, Product, Platform, and Cybersecurity—driving alignment without formal authority.
• Create internal enablement materials: runbooks, architecture standards, reusable patterns, and reference implementations.

Benefits

• NTT DATA is a Global Top Employer
• NTT DATA offers clients access to a robust ecosystem of innovation centers as well as established and start-up partners.
• NTT DATA is a part of NTT Group, which invests over $3 billion each year in R&D.