GenAI Security Platform Architect

Liberty Mutual Insurance | Boston, MA
54d | Hybrid

About The Position

We deliver our customers peace of mind every day by helping them protect what they value most. Our passion for placing the customer at the center of everything we do is driving a transformational shift at Liberty Mutual. Operating as a tech startup within a Fortune 100 company, we are leading a digital disruption that will redefine how people experience insurance.

At Liberty, you'll thrive in a hybrid setting that fosters in-person collaboration, innovation and growth. This approach optimizes both remote and in-person interactions, enabling you to connect and ideate with your team and deepen valuable relationships across the company, while still enjoying the flexibility of remote work for focused tasks and projects. This role has a hybrid work schedule (2 days onsite) for candidates based in Portsmouth, NH; Boston, MA; Plano, TX; Indianapolis, IN; and Columbus, OH.

Job Introduction: The Security Architecture & Innovation team within the Global Cybersecurity (GCS) organization is seeking a seasoned GenAI Security Platform Architect with expertise in securing AI/ML systems and GenAI applications. The candidate will define and drive the security architecture, controls, and governance for our AI platforms, models, and AI-enabled products. This role partners closely with Data Science, Enterprise Data & Analytics Technology, MLOps, Platform/Cloud, Legal/Privacy, and Global Cybersecurity Governance Risk and Compliance to design secure-by-design AI solutions that are resilient to adversarial threats and meet evolving regulatory requirements.

About the job:

  • Architecture and strategy. Define and own the end-to-end security architecture for AI/ML systems (training, fine-tuning, inference/serving, RAG, agents, and integrations). Develop and maintain reference architectures and guardrails for common AI patterns (e.g., RAG with vector databases, multi-agent workflows/orchestration, LLM API integrations, on-prem vs. cloud model hosting). Build and maintain an AI security controls library mapped to frameworks (e.g. NIST AI RMF, OWASP Top 10 for LLM Apps, MITRE ATLAS).
  • Risk management. Establish risk appetite and control requirements across the AI lifecycle; perform design reviews and signoffs for AI initiatives. Define security baselines, secure configurations, and kill-switch/rollback strategies for AI components. Continuously assess threat landscape and update risk models specific to AI/ML, GenAI, and insurance sector adversaries.
  • Secure AI development and MLOps. Integrate security into the ML/LLM SDLC and CI/CD pipelines (dataset curation, feature engineering, model training, evaluation, packaging, registry, deployment). Partner across Global Cybersecurity, Global Digital Solutions (Cloud/Platforms/Infrastructure/Endpoint), and Liberty IT to enforce least privilege, secrets management, and policy-as-code for AI pipelines and serving infrastructure. Champion DevSecOps automation for AI projects by embedding security controls and testing directly into development pipelines, reducing reliance on manual approvals and enabling teams to deliver secure AI solutions quickly and efficiently.
  • Adversarial robustness and safety. Recommend/consult on adversarial testing and red teaming for AI systems; coordinate jailbreak/prompt-injection testing, model evasion scenarios, and safety evaluations. Recommend and validate defenses (input/output filtering, content moderation, prompt hardening, retrieval sanitization, adversarial training, rate limiting/abuse detection). Drive monitoring for model drift, anomaly detection, and harmful output prevention; set response strategies and develop response playbooks for AI incidents.
  • Data protection and privacy. Ensure data minimization, classification, encryption, and access controls for training and inference data (incl. embeddings and vector stores). Ensure compliance with global privacy regulations (CCPA, NYDFS, GDPR, etc.) in AI/ML contexts.
  • Governance and compliance. Recommend/consult with GRC on the establishment of AI security governance, policies, and standards. Define control objectives and measurable KPIs; support vendor/security assessments for AI services and model providers.
  • Enablement and leadership. Evaluate and select AI security tools; manage POCs and guide build-vs-buy decisions. Mentor teams on best practices in AI/ML security; help build internal capability across engineering, risk, and product functions.

Requirements

  • Bachelor’s degree in Computer Science, Engineering, Information Security, or equivalent experience.
  • Minimum 8+ years in Cybersecurity with 3+ years focused on securing AI/ML systems or GenAI applications in production.
  • CISSP certification required
  • Demonstrated deep technical experience designing secure architectures for:
      • ML pipelines and MLOps platforms (data ingestion, feature stores, training, model registry, deployment, monitoring).
      • GenAI workloads (LLM APIs, fine-tuning, RAG, vector databases, agent frameworks).
      • Cloud-native environments (containers/Kubernetes, serverless, service mesh, VPC/network security).
  • Strong knowledge of AI-specific threats and mitigations: data poisoning, model inversion/membership inference, model theft/IP protection, adversarial examples, prompt injection/jailbreaks, exfiltration via outputs, and LLM supply chain risks.
  • Practical familiarity with security frameworks and standards: NIST AI RMF, OWASP Top 10 (including LLM apps), MITRE ATT&CK and ATLAS, or similar.
  • Hands-on experience implementing:
      • Identity and access controls for AI services (service principals, fine-grained IAM, token and key management).
      • Secrets management (Vault, KMS/Key Vault/Cloud KMS/HSM), encryption-in-transit/at-rest, data tokenization, DLP.
      • Monitoring/logging for AI systems (model telemetry, prompt/response logging with privacy controls, drift/anomaly detection).
  • Demonstrated ability to quickly learn and build expertise in diverse and emerging technologies and new architectural concepts and principles
  • Strong influencing and consensus building skills, and the adaptability to respond to change quickly
  • Strong communications skills, both written and verbal
  • Ability to effectively collaborate with all levels of the organization with diverse backgrounds
  • Strong desire to drive change, and ability to adapt to change quickly
  • Excellent communication skills; ability to influence architecture and risk decisions across engineering, product, and executive stakeholders.

Nice To Haves

  • Experience with enterprise GenAI platforms and tools:
      • MLOps: SageMaker, Vertex AI, Cortex, AWS ML, Azure ML, MLflow, KServe/Seldon/Triton, Feast/Tecton, HuggingFace.
      • LLM/GenAI: Azure OpenAI, AWS Bedrock, OpenAI, LangChain/LangGraph/Semantic Kernel, vector DBs (Pinecone, Weaviate, FAISS/Chroma), guardrails/middleware (e.g., Llama Guard, Lakera, Protect AI, Robust Intelligence, HiddenLayer), GitHub Copilot, GitHub Copilot Coding Agent, Devin.ai, M365 Copilot, Copilot Web.
      • Observability: Prometheus/Grafana, ELK/OpenSearch, Splunk, Cribl; AI eval frameworks and red-team tooling.
  • Advanced degree (MS/PhD) in Security, ML/AI, or related field is a plus.

Responsibilities

  • Define and own the end-to-end security architecture for AI/ML systems (training, fine-tuning, inference/serving, RAG, agents, and integrations).
  • Develop and maintain reference architectures and guardrails for common AI patterns (e.g., RAG with vector databases, multi-agent workflows/orchestration, LLM API integrations, on-prem vs. cloud model hosting).
  • Build and maintain an AI security controls library mapped to frameworks (e.g. NIST AI RMF, OWASP Top 10 for LLM Apps, MITRE ATLAS).
  • Establish risk appetite and control requirements across the AI lifecycle; perform design reviews and signoffs for AI initiatives.
  • Define security baselines, secure configurations, and kill-switch/rollback strategies for AI components.
  • Continuously assess threat landscape and update risk models specific to AI/ML, GenAI, and insurance sector adversaries.
  • Integrate security into the ML/LLM SDLC and CI/CD pipelines (dataset curation, feature engineering, model training, evaluation, packaging, registry, deployment).
  • Partner across Global Cybersecurity, Global Digital Solutions (Cloud/Platforms/Infrastructure/Endpoint), and Liberty IT to enforce least privilege, secrets management, and policy-as-code for AI pipelines and serving infrastructure.
  • Champion DevSecOps automation for AI projects by embedding security controls and testing directly into development pipelines, reducing reliance on manual approvals and enabling teams to deliver secure AI solutions quickly and efficiently.
  • Recommend/consult on adversarial testing and red teaming for AI systems; coordinate jailbreak/prompt-injection testing, model evasion scenarios, and safety evaluations.
  • Recommend and validate defenses (input/output filtering, content moderation, prompt hardening, retrieval sanitization, adversarial training, rate limiting/abuse detection).
  • Drive monitoring for model drift, anomaly detection, and harmful output prevention; set response strategies and develop response playbooks for AI incidents.
  • Ensure data minimization, classification, encryption, and access controls for training and inference data (incl. embeddings and vector stores).
  • Ensure compliance with global privacy regulations (CCPA, NYDFS, GDPR, etc.) in AI/ML contexts.
  • Recommend/consult with GRC on the establishment of AI security governance, policies, and standards.
  • Define control objectives and measurable KPIs; support vendor/security assessments for AI services and model providers.
  • Evaluate and select AI security tools; manage POCs and guide build-vs-buy decisions.
  • Mentor teams on best practices in AI/ML security; help build internal capability across engineering, risk, and product functions.

Benefits

  • At Liberty Mutual, our goal is to create a workplace where everyone feels valued, supported, and can thrive. We build an environment that welcomes a wide range of perspectives and experiences, with inclusion embedded in every aspect of our culture and reflected in everyday interactions. This comes to life through comprehensive benefits, workplace flexibility, professional development opportunities, and a host of opportunities provided through our Employee Resource Groups. Each employee plays a role in creating our inclusive culture, which supports every individual to do their best work. Together, we cultivate a community where everyone can make a meaningful impact for our business, our customers, and the communities we serve.
  • We value your hard work, integrity and commitment to make things better, and we put people first by offering you benefits that support your life and well-being. To learn more about our benefit offerings please visit: https://LMI.co/Benefits

What This Job Offers

Job Type

Full-time

Career Level

Mid Level

Number of Employees

5,001-10,000 employees
