Sr Principal AI Security Architect

About The Position

Requirements

• 10+ years in enterprise security architecture or engineering
• Expertise in Microsoft security ecosystem
• Strong scripting and query experience with PowerShell, KQL
• Experience securing AI pipelines and plugin-based architectures
• Proven leadership in AI-specific threat modeling and risk treatment
• Familiarity with model lifecycle governance
• Regulatory alignment: CRI v2.1, NIST AI RMF, OWASP LLM Top 10, FFIEC, GDPR, Basel III

Nice To Haves

• Experience with a Global Systemically Important Bank (G-SIB)
• Experience with Solytics, Snowflake integrations, or other third-party platforms
• Knowledge of shadow principal, token abuse, and adversary tactics
• Recognition as an industry expert

Responsibilities

• Define and enforce enterprise-wide AI security architecture patterns across: First-party AI/LLM deployments
• Microsoft Copilot and GitHub Copilot
• Azure OpenAI and plugin architectures
• Third-party managed AI platforms (e.g., Workday, ServiceNow, Solytics, and other integrated AI services)
• Ensure AI systems and plugins are securely integrated with Microsoft 365, Entra ID, Defender suite, Purview, and Azure services.
• Architect Model Context Protocol (MCP) patterns for safe containerized deployments: Secure pod-to-pod communication via microsegmentation
• API gateway authentication and rate limiting
• Container image integrity validation
• Grounding data access policy enforcement
• Centralized monitoring and logging for auditability
• Develop and maintain enterprise-wide AI security policy frameworks
• Partner with Data Protection, Legal, Procurement, and Business Units
• Design and implement policy-as-code and workflow-based governance controls
• Build and maintain AI-specific threat models
• Design AI-aware detection and response strategies
• Support red teaming, abuse case development, and adversarial testing
• Enable seamless and secure integration of Microsoft and third-party AI platforms
• Ensure data classification and DLP enforcement using Microsoft Purview
• Ensure AI interactions respect network boundaries
• Map AI-specific controls to CRI v2.1, NIST AI RMF, and OWASP Top 10 for LLMs
• Enforce end-to-end controls across the AI lifecycle
• Implement controls to protect confidentiality, integrity, and availability
• Act as a recognized authority on AI security
• Advise Security Leadership, Technology Leadership, and governance boards
• Present AI security strategy and posture to stakeholders
• Mentor security architects, engineers, and data scientists

Benefits

• Northern Trust provides a comprehensive benefits package including retirement benefits (401k and pension), health and welfare benefits (medical, dental, vision, spending accounts and disability), paid time off, parental and caregiver leave, life & accident insurance, and other voluntary and well-being benefits.
• Northern Trust also provides a discretionary bonus program that may include an equity component.