Cloud & AI Security Architect

About the Role

We are seeking a hands‑on Cloud & AI Security Architect with proven enterprise experience securing and delivering AI systems built on AWS Bedrock and/or Azure AI Foundry. This is a delivery‑focused architecture role. Candidates must have directly worked on production GenAI systems, not just designed or advised on them. You will define and implement security architecture for AI‑enabled cloud platforms, ensuring secure‑by‑design implementation across LLM, RAG, and agent‑based systems in a regulated enterprise environment.

Required Experience (must‑have)

• Hands‑on delivery of production AI systems using AWS Bedrock and/or Azure AI Foundry
• Direct experience securing LLM‑based applications in enterprise environments
• Experience building or securing RAG pipelines, AI APIs, or agentic workflows
• Implementation of security controls (not just design or governance)
• Experience operating in regulated enterprise environments

Key Responsibilities

• Design and implement security for GenAI systems using AWS and Azure AI platforms.
• Secure LLM applications, including prompt flows, RAG pipelines, and agent workflows.
• Define and enforce model access controls, data boundaries, and interaction security.
• Implement security architecture across AWS and Azure environments (IAM, federation, least privilege, identity governance).
• Apply network security (zero trust, segmentation, private endpoints) and encryption/key management and secrets handling.
• Secure CI/CD and DevSecOps integration.
• Threat model AI systems (LLMs, agents, orchestration layers) and identify/mitigate risks such as prompt injection, data leakage, and model abuse.
• Define guardrails for safe enterprise AI adoption.
• Review HLDs/LLDs for cloud and AI systems, ensuring alignment with enterprise security and regulatory requirements, and translate security requirements into implementable engineering controls.

Required Skills

• Cloud Security IAM, SSO, RBAC/ABAC models
• Cloud network security (VPC/VNet, segmentation, private connectivity)
• KMS/HSM, encryption, and secrets management
• SIEM integration and security monitoring
• DevSecOps / CI‑CD security controls
• AI Security (hands‑on required)
• Securing LLM applications in production
• RAG architecture security
• Agentic AI workflow security
• Prompt injection and LLM abuse mitigation
• AI data governance and access control
• Architecture & Delivery: Proven ability to design and implement HLD/LLD in production environments
• Experience producing reusable security architecture patterns
• Ability to work directly with engineering teams to implement controls
• Strong understanding of balancing delivery speed with security requirements

Success Criteria

• AI systems on AWS Bedrock / Azure AI Foundry are secure by design
• Security patterns are reusable and adopted by engineering teams
• AI features can be delivered quickly without introducing unmanaged risk
• Clear alignment between AI innovation and enterprise security requirements

#J-18808-Ljbffr…