AI Security Senior Architect

Job Description

We are currently recruiting for an AI Security Senior Architect to join our London office.

The Information Security team is a strategic enabler for our global law firm, focused on protecting client data, intellectual property, and business operations while enabling secure innovation. Through four key pillars – Digital Trust, Technical Assurance, Security Operations, and Governance, Risk and Compliance (GRC) – the team delivers comprehensive security solutions that align with our firm’s strategic objectives as well as client and regulatory requirements.

Our integrated approach combines secure‑by‑design principles relying on Identity and Access Management, Technical Assurance, continuous monitoring and incident response through Security Operations, and proactive risk management through GRC. Working closely with the Markets Innovation Group (MIG) and Fuse, the firm’s legal‑tech incubator, we ensure emerging technologies and our innovative generative‑AI‑powered tool are implemented securely while maintaining the confidentiality, integrity and availability of our systems and data.

This collaborative model allows us to stay ahead of evolving threats while supporting the firm’s digital transformation initiatives and maintaining the trust of our clients and stakeholders.

The AI Security Senior Architect will be part of the Digital Trust team and will be responsible for architecting, maintaining and implementing the security of the Artificial Intelligence ecosystem in the organization. The position will be accountable for the security of the firm’s flagship AI product – Contract Matrix – as well as the security of the individual AI workloads.

This role is critical in translating the organisation’s Digital Trust vision into a workable, mature and optimised function and service. It requires extensive experience across all Identity and Access Management core disciplines, including identity management, identity governance and administration, privileged access, and conditional access – and in particular machine identities. It also requires deep technical skills in the Dev Sec Ops  space.

This role will support the transformation of IAM into a modern, automated, predictable and customer‑oriented function. The ideal candidate will excel at Microsoft Entra , Microsoft Azure, workload identities, managed accounts, machine identity management, and translating identified requirements into practical identity architecture and design.

• Leverage extensive knowledge and experience across all IAM disciplines to design, implement and continuously improve the portions of the organisational IAM architecture relating to AI workload identities.
• Work with the firm’s strategic technology partners in evaluating concepts to secure AI workloads, working towards the selection of the platform and architecture for securing them in the future.
• Influence and evaluate the decisions on the wider IAM components: directory, identity, privileged access, entitlements management to accommodate AI workloads into a coherent identity ecosystem.
• Configure and maintain technologies that support the IAM function and AI security such as Active Directory, Entra  Identity, Privileged Access, and Governance;
  Conditional Access Policies (for AI IDs);
  Cyber Ark, Palo Alto’s XSIAM and XSOAR platforms.
• Design and transition AI IAM service components into operation – operational manuals, support patterns, standard changes, request management.

• Work alongside the Contract Matrix product team to ensure that the solutions are designed securely from an access‑management perspective and that AI governance is adhered to.
• Integrate security into the SDLC from the ground up, ensuring AI models and systems are secure by default.
• Define and enforce secure coding practices for AI/ML components and APIs.
• Identify and assess threats specific to AI systems, such as model inversion, data poisoning, adversarial attacks, and model theft.
• Implement model encryption and access controls to prevent…