Enterprise Security AI Architect

About The Position

Requirements

• 15+ years of experience in cybersecurity, with a strong focus on enterprise security architecture within large, complex environments.
• 5+ years of experience specifically in Enterprise AI Security Architecture, including securing AI/ML, GenAI, or data-driven platforms and services.
• Proven expertise in designing and implementing enterprise-scale security architectures, including development of reference architectures, security standards, and reusable security patterns.
• Deep understanding of AI/LLM security risks and controls, including areas such as data protection, model access, prompt security, output handling, and emerging threat vectors.
• Experience securing AI-assisted software development and agentic systems, including AI coding assistants, agent frameworks, tool/MCP integrations, and the controls needed for safe enterprise use of AI in building applications and agents.
• Demonstrated experience leading threat modeling initiatives and developing threat intelligence or threat radar capabilities specific to evolving technology domains.
• Proficient experience with industry security frameworks and standards (e.g., NIST, ISO 27001, CIS, MITRE ATT&CK), and ability to apply them in modern AI and cloud environments.
• Expertise in cloud security and modern identity architectures (e.g., Zero Trust, SSO, OAuth/OIDC, RBAC/ABAC) across platforms such as Azure.
• Solid knowledge of data security and privacy principles, including encryption, data classification, DLP, and regulatory considerations.
• Experience influencing and defining enterprise security roadmaps and strategies, with the ability to align security initiatives to business priorities.
• Solid track record of partnering across Enterprise Architecture, Engineering, GRC, Data, Product, and other security functions (e.g., AI Enablement, AppSec, Identity, Cloud Security, Threat & Vulnerability Management, Security Operations) to embed security into design and delivery processes.
• Experience evaluating and securing third-party vendors and platforms, including AI/SaaS solutions, with a risk-based approach.
• Exemplary communication skills with the ability to translate complex technical risks into clear, executive-level insights and recommendations.
• Bachelor’s degree in computer science, Cybersecurity, Engineering, or equivalent experience; relevant certifications (CISSP, CCSP, SABSA, cloud security certifications) are a plus.

Responsibilities

• Define and lead the enterprise AI security strategy and roadmap, ensuring secure and scalable adoption of AI capabilities across the organization.
• Design and maintain enterprise reference architectures for AI solutions, covering SaaS AI, hosted models, GenAI, and AI-enabled applications.
• Establish and enforce AI security standards, policies, and guardrails, ensuring consistent implementation across all AI initiatives.
• Develop and operationalize secure AI design patterns (e.g., identity, data protection, model access, prompt security, output controls) that teams can reuse to accelerate delivery.
• Drive AI Enablement and Securing Enterprise AI: define the secure, sanctioned ways teams use AI to build applications and agents—covering developer tooling (AI coding assistants, agentic IDEs), agent frameworks, MCP/tool integrations, and runtime guardrails—so engineering can adopt AI productively without bypassing security.
• Lead and facilitate AI-focused threat modeling to identify risks such as data leakage, prompt injection, model abuse, and expanded blast radius, and define required mitigations.
• Build and maintain Threat Radars and AI risk intelligence, providing visibility into emerging threats, vulnerabilities, and industry trends impacting AI technologies.
• Partner across enterprise architecture, engineering, data, product, GRC, and security functions including AI Enablement, AppSec, Identity, Cloud Security, Threat & Vulnerability Management, and Security Operations to embed AI security into governance processes (e.g., intake, design reviews, approval boards).
• Provide architecture guidance and security oversight for AI use cases, ensuring solutions are secure-by-design and aligned with enterprise standards.
• Evaluate and assess third-party AI vendors and platforms, providing clear risk-based recommendations to leadership.
• Enable teams through documentation, patterns, and coaching, ensuring AI solutions can be delivered efficiently without increasing risk.
• Translate complex AI security risks into clear, executive-level insights and recommendations to support informed decision-making.