AI Security Architect

Req

Job Title:

AI Security Architect (Agent Security, Observability, SOC Monitoring & Compliance Enablement)

Location:

Dallas, Texas (onsite)

Experience level: 10+ years

• AI Platform Admin (M365, copilot Studio) – Manages AI platforms and environments, including access provisioning, governance controls, and policy enforcement (e.g., DLP, security, and compliance).
• AI Reusable Utility – Develops reusable components (e.g., prompts, connectors, APIs, templates) to accelerate AI solution delivery and promote standardization across use cases.
• AI Common Infrastructure, Framework & Observability Architect (AWS and Azure) – Designs and maintains the foundational AI infrastructure, frameworks, and observability capabilities (telemetry, monitoring, metrics) required for scalable, reliable, and governed AI operations.

• Non-Human Identity & Access – Define strict Role-Based Access Control (RBAC) and least-privilege models for AI agents using identity systems (e.g., Entra Agent ).
• Guardrails & Sandboxing – Design runtime environments with restricted permissions to prevent manipulated agents from accessing unauthorized APIs, data sources, or executing malicious tool chains.
• Input/Output Protection – Implement defenses against adversarial attacks, prompt injections, jail breaking, and sensitive data leakage (DLP) across agent workflows.

• Decision Traceability – Architect logging and monitoring standards to map how reasoning agents use data and call APIs, eliminating "black box" decisions.
• Model Drift & Integrity – Monitor models and prompt templates in production to detect behavioral drift, anomalies, and poisoning or evasion attacks.

• Autonomous Security (AI SOC) – Design LLM-driven and agentic workflows to improve alert triage, contextual correlation, false-positive filtering, and playbook automation.
• Incident Response Playbooks – Establish remediation strategies and threat-hunting procedures for AI-specific events (e.g., compromised model artifacts, hallucination-driven exploits).

• Regulatory Alignment – Map AI-specific controls to established standards like the NIST AI RMF, OWASP Top 10 for LLMs, and GDPR.
• Audit Readiness – Build audit pipelines that track and explain everything an agent does to satisfy ongoing AI regulatory compliance and governance requirements.

• Define and maintain AI security reference architectures for multiple AI deployment patterns, including MCP / Agentic AI and LLM application stacks (RAG, tools/plugins, agents, orchestration).
• Establish and evolve security requirements, patterns, and guardrails across the AI/ML SDLC (design → build → run), including secure pipelines and platform controls.
• Own AI security architecture decisions across critical domains: identity, secrets, data protection, network controls, tenancy boundaries, logging/telemetry, and isolation for training/inference.

• Design and deploy controls to ensure model integrity and governance, including RBAC/ABAC for models, feature stores, data sets, registries, and evaluation artifacts.
• Build/enable technical mechanisms for provenance, attestation, signing, and approval workflows across datasets, models, prompts, and deployments.
• Drive implementation of runtime protections for AI services (abuse prevention, rate limiting, input/output validation, prompt-injection mitigations, model endpoint hardening, and monitoring).

• Conduct and lead AI/ML-specific threat modeling (data poisoning, model evasion, extraction, inversion, supply-chain, prompt attacks), translate findings into actionable backlogs, and drive remediation.
• Define and run security design reviews for AI initiatives; provide clear, pragmatic architecture guidance and document exceptions with risk acceptance paths.
• Establish AI security testing approaches (adversarial testing, red‑teaming enablement, evaluation security, misuse/abuse cases) and integrate into delivery pipelines.