Lead Cybersecurity - Application Security Architect – AI Models, Frameworks & Implementation
Listed on 2026-05-08
IT/Tech
AI Engineer, Cybersecurity, Systems Engineer
Overview
This position requires office presence of a minimum of 5 days per week and is only located in the location(s) posted. No relocation is offered.
Join AT&T and reimagine the communications and technologies that connect the world. Our Chief Security Office ensures that our assets are safeguarded through truthful transparency, enforces accountability, and masters cybersecurity to stay ahead of threats. Bring your bold ideas and fearless risk-taking to redefine connectivity and transform how the world shares stories and experiences that matter. When you step into a career with AT&T, you won’t just imagine the future—you’ll create it.
Job Summary
The Application Security Architect is responsible for defining and driving secure-by-design approaches for AI-enabled applications and services. This role focuses on protecting the full lifecycle of AI/ML systems, including LLM-based applications, agentic workflows, retrieval-augmented generation (RAG), model APIs and inference services, training/fine-tuning pipelines, and third-party AI integrations. The architect leads AI security from a vulnerability management and risk-reduction perspective and collaborates with cross-functional teams to reduce exploitability and accelerate remediation across the AI lifecycle.
Responsibilities
- Design, review, and validate secure architectural patterns for AI/ML and LLM-enabled applications, including locally hosted models, cloud-native AI services, API-based model access, RAG systems, and agent-based workflows.
- Define secure reference architectures for AI integrations across applications, services, and platforms.
- Ensure security is embedded into AI solution design from the start, including trust boundaries, identity controls, data flows, model access, and output handling.
- Advise teams on secure use of frameworks such as Azure AI Foundry, LangChain, Semantic Kernel, OpenAI/Azure OpenAI integrations, and similar orchestration or inference technologies.
- Lead threat modeling sessions for AI-enabled applications and platforms to identify abuse cases, architectural weaknesses, and control gaps.
- Assess risks such as prompt injection, model evasion, data poisoning, jailbreaks, model inversion, model extraction, tool misuse, and unauthorized privilege escalation through agent workflows.
- Conduct technical security reviews of AI applications, integrations, and architectures with remediation recommendations and risk prioritization.
- Define and implement AI-specific security guardrails, including prompt/input filtering, context validation, output sanitization, response validation, policy enforcement, model/tool access restrictions, and sensitive data handling controls.
- Recommend and help implement controls for human-in-the-loop approvals, action scoping, tool permissions, content safety, and unsafe output suppression in agentic or autonomous systems.
- Validate that security controls are effective in real usage scenarios and resilient against adversarial behavior.
- Support application teams in integrating AI protections into code, middleware, APIs, and orchestration frameworks.
- Embed security into the AI/ML development lifecycle by integrating controls into CI/CD and ML pipelines, including data ingestion, model packaging, deployment, and runtime validation.
- Help implement security scanning and policy checks for models, datasets, dependencies, containers, APIs, infrastructure-as-code, and deployment pipelines.
- Define secure operational patterns for model versioning, rollback, promotion, and change management.
- Partner with engineering teams to automate repeatable security checks and guardrails across AI-enabled delivery pipelines.
- Write, review, and where needed help implement code to support AI security controls, automation, integrations, and remediation activities.
- Work within standard software development workflows using source control platforms such as GitHub, including branch management, pull requests, code review, and CI/CD integration.
- Partner with engineering teams to secure repositories,…