Principal Cloud Security Engineer

Your Responsibilities

We are seeking an enthusiastic and passionate professional for a Senior Cloud, AI & Data Security Engineer role who wants to design and implement security solutions for systems and services across AWS, Azure, and AI/ML platforms
. We need someone who can establish the highest standards that meet and exceed security governance solutions and practices, provide assurance to management and auditors, and ensure sustained protection by embedding controls in operational and Dev Ops (CI/CD) practices with a focus on automation.

We are looking for someone who has a high level of technical security expertise and who takes seriously the responsibility of monitoring, detecting, protecting, and maintaining the security of data, AI/ML systems, cloud platforms, and networks
.

• Developing and implementing secure cloud and AI/ML architectures using a risk-based cybersecurity and data privacy strategy
• Defining security patterns, roadmaps, and operating models that leverage collaboration
• Facilitating industry-standard information security governance
• Advising senior leadership on cybersecurity, AI risk, and privacy risks, threats, and investment strategies
• Documenting appropriate policies and procedures to manage information security risks, including those unique to AI/ML systems and sensitive data assets

As a qualified candidate, you will be part of the team driving BMO's Cloud, AI, and Data Security implementation. Based on your previous experiences, you will inject new knowledge and skills into an already high-performing team, thus elevating our efforts to new heights.

• Assess, design, implement, automate, and document security solutions, controls, and processes for Amazon Web Services (AWS) and Microsoft Azure cloud platforms
• Develop and maintain security patterns for cloud platforms and services; assess all cloud patterns to ensure adherence to best security practices and controls
• Design and implement security baseline controls for Cloud Services for integration into the CI/CD process
• Build and deliver policies as code, automating security controls and best practices
• Review and approve code and changes with security implications (e.g., IAM Roles and Policies, Security Groups, etc.)
• Be the cloud security subject matter expert for the Cloud Engineering group and its partners in any IaaS, PaaS, and SaaS implementations

• Define and implement a security framework for AI/ML systems, covering the full model lifecycle from data ingestion and training to deployment and monitoring
• Assess and mitigate AI-specific threats including adversarial attacks, model inversion, data poisoning, prompt injection, and model theft
• Evaluate and secure AI/ML platforms and tools (e.g., Amazon Sage Maker, Azure Machine Learning, Hugging Face, OpenAI APIs) against organizational risk standards
• Collaborate with data science and AI engineering teams to integrate security controls into MLOps pipelines, ensuring model integrity, access controls, and auditability
• Monitor emerging AI threat landscapes and regulatory developments (e.g., EU AI Act, NIST AI RMF) and translate these into actionable organizational controls

• Implement and manage data security posture management (DSPM) tools to continuously monitor sensitive data exposure across cloud environments
• Establish controls for structured and unstructured data stores, including databases, data lakes, data warehouses (e.g., Snowflake, AWS S3, Azure Data Lake), and file sharing platforms
• Drive the adoption of data-centric security practices within application development and analytics teams

• Provide subject matter expertise on architecture, authentication, and systems security based on a clear understanding of the engineering stack, services, and data flow
• Lead focused and continuous cybersecurity risk assessments of new and existing technologies – including AI/ML systems and data platforms – to identify risks and appropriate controls that balance security and operability
• Provide effective and pragmatic cybersecurity guidance upfront in major technology projects to enable the business to innovate securely
• Assist in the investigation and remediation of security incidents and issues, including those involving AI model compromise or data breaches
• Work closely with Information Security, product, and software development teams to assess cybersecurity risk and recommend solutions in cloud, AI, and data environments

• You are a self-starter, driven, and can handle multiple projects and priorities
• You are passionate about driving the Dev Sec Ops  and MLSecOps mindset and culture in a fast‑paced, challenging environment where you get the opportunity to work with the latest tools and technologies
• You understand the intersection of security, AI, and data, and actively seek to build bridges between these disciplines
• You are actively looking to improve the solutions you implement, understand the efficacy of…