Security Architect

Delivery Project Lead

Job Title: Security Architect - AI Products & Multi-Cloud Security

Location: Offshore(Bangalore/Pune/Hyderabad)

Job Summary

We are seeking a skilled Security Architect to ensure the security of our AI-powered products across multi-cloud platforms. This role will focus on implementing end-to-end security practices during the entire software development lifecycle, ensuring data privacy, safeguarding AI models, and promoting Responsible AI practices. You will be instrumental in developing and enforcing security guardrails that protect our AI solutions from potential threats and vulnerabilities.

Key Responsibilities

Application Security: Develop security policies and practices for AI and ML models. Conduct security assessments, code reviews, and threat modeling for AI applications. Implement security measures following OWASP Top 10 guidelines to prevent common vulnerabilities. DevSecOps: Integrate security into CI/CD pipelines to enable automated security testing. Use tools like GitHub Actions, Jenkins, and Terraform to automate infrastructure security checks. Promote secure coding standards and practices across development teams. Data Security: Design and implement data protection mechanisms such as encryption (both at rest and in transit) and data anonymization techniques. Ensure compliance with data privacy regulations such as GDPR and CCPA. Utilize tools like Data Loss Prevention (DLP) and data masking technologies for sensitive data protection. Identity & Access Management (IAM): Develop and enforce IAM strategies across multi-cloud platforms (AWS, Azure, GCP). Implement Zero Trust Architecture and role-based access controls (RBAC) to safeguard user access. Utilize multi-factor authentication (MFA) and identity federation protocols. AI Security & AI Guardrails: Define AI guardrails to mitigate risks like model drift, bias, adversarial attacks, and unauthorized model access. Implement AI model monitoring tools like LIME, SHAP, and IBM AIF360 for model interpretability and fairness. Promote Responsible AI practices, ensuring ethical AI deployment and compliance with industry standards. Cloud Security: Architect and implement secure cloud environments using AWS, Azure, and GCP services. Leverage cloud-native security tools such as AWS Shield, Azure Security Center, and Google Security Command Center. Conduct regular cloud security audits and vulnerability assessments. Compliance & Governance: Ensure alignment with security and compliance frameworks like NIST, ISO 27001, and SOC 2. Lead security audits and penetration testing to identify and mitigate vulnerabilities. Establish security policies and guidelines to ensure organizational compliance.

Technical Skills Required

3 years of experience in Data Privacy, cybersecurity, focusing on AI and cloud security. Hands-on experience with one major cloud (AWS, Azure, or GCP) or preferably multi-cloud security (AWS, Azure, GCP) and AI model governance. Strong knowledge of DevSecOps practices and automated security testing. Proficiency with AI/ML security frameworks and tools for monitoring and securing AI models. Experience with security tools like Burp Suite, OWASP ZAP, and SonarQube. Familiarity with AI ethics, model explainability tools (e.g., LIME, SHAP), and AI risk management. Strong understanding of Privacy by Design Principle, data privacy regulations (GDPR, CCPA) and data security best practices. Knowledge of identity management solutions and best practices in IAM. Strong knowledge of Data lifecycle management in AI context.

Preferred Qualifications

Certified Information Systems Security Professional (CISSP) Certified Cloud Security Professional (CCSP) AWS Certified Security - Specialty Azure Security Engineer Associate Certified AI Ethics & Governance Professional

Soft Skills

Excellent communication skills to collaborate with cross-functional teams, including Data Science, DevOps, and Product Management. Strong analytical and problem-solving abilities. Proven ability to stay updated with the latest security trends, AI regulations, and cloud technologies. Ability to articulate security concepts and practices to both technical and non-technical stakeholders.

Nice-to-Have

Experience with Machine Learning Operations (MLOps) security. Hands-on knowledge of Container Security (Docker, Kubernetes). Familiarity with AI ethics frameworks and AI safety research. Exposure to Responsible AI tools and methodologies.

---