Enterprise Data Security Architect

About The Position

Requirements

• This position would require 10 years of security architecture or senior security engineering experience as previously described.
• 3+ years of direct experience securing AI/MK/GenAI systems, data science platforms, or large-scale data environments
• CISSP, CCSP, and CISM highly preferred
• NIST Cybersecurity Framework practical experience is required
• SABSA or TOGAF framework experience is also preferred.
• Deep knowledge of modern cloud security (Azure, AWS, GCP), container/kubernetes security, and zero-trust principles.
• Strong understanding of AI/ML concepts: model lifecycle, training/inference pipelines, embeddings, RAG, agents, fine-tuning, and common attack vectors.
• Proven track record performing threat modeling and risk assessments for both traditional systems and AI workloads.
• This person would specifically also understand how to deploy and manage security tech such as DLP (Data Loss Prevention), SIEM systems (e.g., Splunk, ELK), tokenization/masking, and compliance frameworks (GDPR, HIPAA, SOC 2).
• This person would specifically also understand how to lead Incident Response activities such as monitoring for anomalies, investigating breaches, and lead recovery efforts while minimizing data exposure.

Responsibilities

• Defining overarching security reference architectures, patterns, standards, and blueprints that align with business objectives while incorporating secure-by-design strategies.
• Design controls to mitigate AI-specific risks: prompt injection, data poisoning, model inversion/extraction, adversarial attacks, hallucination exploitation, supply-chain attacks on models/datasets, and agentic/multi-agent system vulnerabilities.
• Define secure patterns for generative AI deployments including RAG architecture, vector databases, LLM gateways, output filtering, guardrails, red-teaming processes, and responsible AI governance.
• Lead threat modeling using frameworks such as MITRE ATLAS, OWASP, NIST AI RMF, etc.
• Architect and support enterprise data security controls: classification, encryption (at-rest, in-transit, in-use), data loss preventions (DLP), data security posture management (DSPM), access governance, and tokenization.
• Secure big data / analytics environments (data lakes, warehouses, feature stores, model registries) and ensure lineage, provenance, and integrity in data use.
• Collaborate with data engineering teams to embed privacy-preserving techniques (differential privacy, federated learning, secure multi-party computation) where appropriate.
• Command the ability to properly assess security architecture against regulatory requirements and frameworks.

Benefits

• Day one health, dental, and vision insurance
• 401(k) Plan with competitive employer match
• Vacation, sick, holiday and volunteer time off
• Life and disability insurance
• Flexible Spending Account & Health Savings Account
• Professional development
• Tuition reimbursement
• Company-sponsored social and philanthropy events