Principal Security Architect
This role leads the development and enforcement of security architecture across a global technology environment focused on AI and cloud innovation. You will shape the future of secure engineering by designing resilient systems, guiding risk-informed decisions, and embedding security into product and platform lifecycles.
Key Responsibilities
- Establish and evolve enterprise-wide security architecture standards, reference models, and design blueprints
- Lead threat modeling sessions and security assessments for critical systems, software products, and machine learning models
- Work closely with engineering, MLOps, and product development teams to integrate security into SDLC and CI/CD pipelines
- Design and oversee identity and access management solutions, including SSO, MFA, role-based access, and privileged account controls
- Advocate for secure data handling through encryption, tokenization, and classification strategies
- Guide secure integration of third-party platforms, APIs, and cloud services
- Support security operations with scalable architectures for monitoring, detection, and incident response
- Participate in client audits, internal compliance reviews, and TPN assessments
- Identify and implement AI-driven improvements to security processes such as risk analysis, architecture reviews, and detection engineering
- Design secure AI agents and automation platforms used internally by engineering and security teams
- Prototype and lead development of internal security tools and AI-enhanced workflows
Required Qualifications
- Minimum of 10 years in cybersecurity, with at least 5 years in security architecture or technical leadership roles
- Broad experience across cloud security, application security, AI/ML security, identity management, data protection, and infrastructure security
- Proven application of security frameworks including OWASP SAMM, OWASP ASVS, MITRE ATLAS, and Zero Trust principles
- Strong grasp of secure software development, threat modeling, and API security best practices
- Familiarity with AI-specific risks such as prompt injection, model poisoning, and adversarial attacks
- Working knowledge of compliance standards including ISO 27001, GDPR, and TPN
- Excellent communication skills with the ability to engage both technical teams and business stakeholders
Preferred Qualifications
- Experience with security tooling such as SAST, DAST, SCA, CSPM, CWPP, CNAPP, IaC scanners, and container security platforms
- Background in designing logging architectures, incident response systems, and integrating SIEM/SOAR solutions
- Knowledge of NIST, SABSA, and enterprise security reference models
- Experience securing media, entertainment, or creative technology platforms and protecting high-value intellectual property
- Track record building internal developer tools, security automation, or secure platform solutions
- Hands-on use of AI/LLM frameworks like LangChain or OpenAI APIs for internal tooling
- Familiarity with AI agent architectures and AI-augmented engineering workflows
- Experience integrating security into MLOps and AI development pipelines