AI Security Architect

About The Position

Requirements

• Bachelor's Degree in Information Technology, Business Administration, or related field or an equivalent combination of education and experience.
• 8+ years in information security, with at least 3 years in a security architecture or senior engineering role.
• Demonstrated hands-on experience securing Microsoft Copilot (M365 Copilot, Copilot Studio, or Copilot for Security) in an enterprise environment.
• Practical experience with Anthropic Claude or comparable frontier LLM services, including enterprise deployment, API integration, and associated security controls.
• Proven background in security engineering — writing code, building automation, and deploying security tooling — not solely advisory work.
• Deep expertise in Azure security architecture — including Entra ID, Defender XDR, Sentinel, Purview, and Azure OpenAI Service.
• Proficiency in scripting and development (Python, PowerShell, or similar) for building security automation and AI integrations.
• Familiarity with AI/ML model security concepts: adversarial attacks, prompt injection, jailbreaking, data poisoning, model inversion, and supply chain risks.
• Understanding of DLP, CASB, and data governance tooling in the context of AI-generated content (experience with Netskope or similar inline CASB a plus).
• Working knowledge of core enterprise platforms in scope: ServiceNow, Salesforce, FIS, and Microsoft 365.

Nice To Haves

• Experience in financial services, banking, or another highly regulated industry strongly preferred.

Responsibilities

• Design, build, and maintain the secure architecture for Pinnacle's AI environment, including Microsoft Copilot, Anthropic Claude, and future AI services integrated across the enterprise.
• Engineer security controls, guardrails, and monitoring pipelines for AI platforms, including prompt injection defenses, data leakage prevention, model access governance, and output validation.
• Develop and enforce AI security standards, reference architectures, and engineering playbooks aligned to NIST AI RMF, MITRE ATLAS, and emerging financial sector guidance.
• Collaborate with the AI team (led by Kevin Johnson) on new AI deployments to ensure security-by-design is embedded from inception through production.
• Own the technical integration of AI security tooling within Pinnacle's Azure-centric stack, including M365, Entra ID, Defender, and Purview.
• Lead the engineering and deployment of AI capabilities within the Security Operations Center to accelerate threat detection, triage, and incident response.
• Build and optimize AI-assisted workflows within SIEM (Microsoft Sentinel), SOAR, and vulnerability management platforms to reduce analyst toil and improve mean time to respond.
• Develop and operationalize AI-driven threat intelligence and anomaly detection models tailored to Pinnacle's environment and financial sector threat landscape.
• Identify and drive automation opportunities across the security program using AI — from phishing analysis and alert enrichment to policy compliance checks and reporting.
• Assess AI-specific risks including model supply chain threats, adversarial inputs, shadow AI usage, and third-party AI vendor exposure across Pinnacle's ecosystem.
• Partner with Legal, Compliance, and Risk teams to align AI security practices with applicable regulations (FFIEC, OCC, GLBA, SOX) and Pinnacle's internal control frameworks.
• Establish and maintain an AI asset inventory and risk register; perform periodic AI security reviews and red-team exercises.
• Evaluate and advise on the security posture of AI vendors and SaaS platforms before and after procurement, providing risk-rated recommendations to the CSO.
• Recruit, mentor, and grow an AI Security team as the practice matures — establishing role definitions, career paths, and onboarding frameworks.
• Serve as the internal subject matter expert and evangelist for AI security, providing education and guidance to engineering, IT, and business teams.
• Maintain active engagement with the broader security community, staying ahead of AI threat trends, attack research, and defensive tooling advancements.
• Collaborate closely with Pinnacle's AI team (AI Governance owner) to ensure alignment on AI strategy, risk tolerance, and control responsibilities.