Security Architect

AI71

Key Responsibilities

• Define and evolve the end-to-end security architecture for AI systems, data platforms, and cloud-native infrastructure.
• Establish and enforce Zero Trust principles, including identity-first security, mTLS, and fine-grained access control (RBAC/ABAC).
• Design secure patterns for distributed systems, event-driven architectures, and multi-tenant environments.

Platform and Infrastructure Security

• Define security standards for Kubernetes-based platforms, including workload isolation, network policies, and runtime protection.
• Establish container and software supply chain security practices (e.g., image scanning, SBOM, signing, and provenance).
• Design secure deployment architectures for both cloud and restricted/air-gapped environments.

AI and Data Security

• Define and implement security controls for LLM-based applications, RAG pipelines, and data platforms.
• Establish safeguards against AI-specific threats such as data poisoning, model extraction, and data leakage.

DevSecOps and Governance

• Embed security into GitOps and CI/CD workflows, including policy-as-code and automated enforcement.
• Define and maintain secure SDLC practices aligned with ISO 27001 and internal governance frameworks.
• Lead threat modeling, architecture reviews, and security validations.

Observability and Threat Detection

• Define requirements for security observability, including audit logging and anomaly detection.
• Ensure integration of security signals into observability platforms (e.g., OpenTelemetry).

Leadership and Collaboration

• Act as a security advisor to engineering and AI teams.
• Review system designs and enforce security standards.
• Mentor engineers and promote a strong culture of security awareness.