GenAI Security Platform Architect

GenAI Security Platform Architect – Liberty Mutual Insurance

We deliver our customers peace of mind every day by helping them protect what they value most. Our passion for placing the customer at the center of everything we do is driving a transformational shift at Liberty Mutual. Operating as a tech startup within a Fortune 100 company, we are leading a digital disruption that will redefine how people experience insurance.

At Liberty, you’ll thrive in a hybrid setting that fosters in-person collaboration, innovation and growth. This approach optimizes both remote and in-person interactions, enabling you to connect and ideate with your team and deepen valuable relationships across the company, while still enjoying the flexibility of remote work for focused tasks and projects.

This role has a hybrid work schedule (2 days onsite) for candidates based in Portsmouth, NH, Boston, MA, Plano, TX, Indianapolis, IN and Columbus, OH.

The Security Architecture & Innovation team within the Global Cybersecurity (GCS) organization is seeking a seasoned GenAI Security Platform Architect with expertise in securing AI/ML systems and GenAI applications. The candidate will define and drive the security architecture, controls, and governance for our AI platforms, models, and AI-enabled products. This role partners closely with Data Science, Enterprise Data & Analytics Technology, MLOps, Platform/Cloud, Legal/Privacy, and Global Cybersecurity Governance Risk and Compliance to design secure-by-design AI solutions that are resilient to adversarial threats and meet evolving regulatory requirements.

• Define and own the end-to-end security architecture for AI/ML systems (training, fine-tuning, inference/serving, RAG, agents, and integrations).
• Develop and maintain reference architectures and guardrails for common AI patterns (e.g., RAG with vector databases, multi-agent workflows/orchestration, LLM API integrations, on-prem vs. cloud model hosting).
• Build and maintain an AI security controls library mapped to frameworks (e.g. NIST AI RMF, OWASP Top 10 for LLM Apps, MITRE ATLAS).
• Establish risk appetite and control requirements across the AI lifecycle; perform design reviews and signoffs for AI initiatives.
• Define security baselines, secure configurations, and kill-switch/rollback strategies for AI components.
• Continuously assess threat landscape and update risk models specific to AI/ML, GenAI, and insurance sector adversaries.
• Integrate security into the ML/LLM SDLC and CI/CD pipelines (dataset curation, feature engineering, model training, evaluation, packaging, registry, deployment).
• Partner across Global Cybersecurity, Global Digital Solutions (Cloud/Platforms/Infrastructure/Endpoint), and Liberty IT to enforce least privilege, secrets management, and policy-as-code for AI pipelines and serving infrastructure.
• Champion Dev Sec Ops  automation for AI projects by embedding security controls and testing directly into development pipelines.
• Recommend and consult on adversarial testing and red teaming for AI systems; coordinate jailbreak/prompt-injection testing, model evasion scenarios, and safety evaluations.
• Drive monitoring for model drift, anomaly detection, and harmful output prevention; set response strategies and develop response playbooks for AI incidents.
• Ensure data minimization, classification, encryption, and access controls for training and inference data (incl. embeddings and vector stores).
• Ensure compliance with global privacy regulations (CCPA, NYDFS, GDPR, etc.) in AI/ML contexts.
• Recommend and consult with GRC on the establishment AI security governance, policies, and standards.
• Define control objectives and measurable KPIs; support vendor/security assessments for AI services and model providers.
• Enablement and leadership:
  Evaluate and select AI security tools; manage POCs and guide build-vs-buy decisions.
• Mentor teams on best practices in AI/ML security; help build internal capability across engineering, risk, and product functions.

• Bachelor’s degree in Computer Science, Engineering, Information Security, or equivalent experience.
• Minimum 8+ years in Cybersecurity with 3+ years focused on securing AI/ML systems or GenAI applications in production.
• CISSP certification required.
• Demonstrated deep experience designing secure architectures for ML pipelines, MLOps platforms, GenAI workloads, and cloud-native environments.
• Strong knowledge of AI-specific threats and mitigations.
• Practical familiarity with security frameworks (NIST AI RMF, OWASP Top 10, MITRE ATT&CK/ATLAS).
• Hands‑on experience implementing identity and access controls, secrets management, encryption, DLP, and monitoring for AI systems.
• Demonstrated ability to learn and build expertise in emerging technologies and architectural concepts.
• Strong influencing, consensus-building, and communication skills.
• Ability to collaborate effectively with all organizational levels and diverse backgrounds.

• Experience with…