AI/Cloud Cyber Security, Senior Manager/Architect/Lead
recruit22 · Chicago, IL · 2 wk ago
RemoteRemoteInformation TechnologyFull-time
Key Responsibilities
- Establish a threat-informed program to defend against AI-enabled attacker capabilities, including automated reconnaissance, highly personalized phishing, synthetic identity fraud, and scalable credential abuse.
- Define controls and operational procedures to mitigate impersonation and deepfake risk (executive fraud, clinician impersonation, IT helpdesk scams), including identity verification patterns and secure approval workflows.
- Partner with IAM, Email Security, SOC, and Compliance stakeholders to implement detection and response patterns for AI-amplified threats.
- Define reference architectures and engineering guardrails for securing AI/ML workloads in cloud environments, including: Workload identity, least privilege, privileged access (PAM), Network controls (private endpoints, segmentation, egress restrictions), Encryption, KMS/HSM integration, secrets management, Secure container/Kubernetes patterns and hardened runtime controls, Centralized logging/telemetry, threat detection, and response integration.
- Drive secure-by-default patterns for AI platform services (managed ML platforms, vector databases, model endpoints, feature stores, data pipelines).
- Implement and govern security requirements for ModelOps/MLOps pipelines, including CI/CD integration, artifact integrity, provenance/attestation, and secure release controls.
- Define testing and monitoring standards for AI-specific risks such as prompt injection, data poisoning, model inversion, membership inference, model theft, and supply chain compromise.
- Partner with Compliance and Privacy to ensure appropriate use and protection of PHI/ePHI in training and inference workflows (minimization, de-identification, access control, auditability).
- Lead the strategy and implementation of agentic AI to enhance incident response and security operations.
- Define governance for security agents: least privilege, tool access controls, prompt/chain protection, validation of outputs, safe fallbacks, and change management.
- Ensure AI and cloud security controls align with HIPAA/HITECH expectations and organizational risk management practices; support HITRUST/NIST-aligned control mapping where applicable.
- Establish AI/cloud security standards, policies, and control requirements for internal development and third-party services (including vendor due diligence for AI providers and model transparency expectations).
- Provide executive-ready reporting on AI and cloud security posture, top risks, and control maturity.
- Own the cloud security architecture strategy for the enterprise, defining target-state patterns across IaaS/PaaS/SaaS for Azure/AWS/GCP (as applicable).
- Establish and maintain cloud security reference architectures, reusable blueprints, and approved patterns (landing zones, network segmentation, identity, logging, encryption, secrets, platform services).
- Lead (or co-lead with Enterprise Architecture) a Cloud Security Architecture Review Board and define governance processes for design approvals, exceptions, and risk acceptance.
- Define and enforce cloud guardrails using policy-as-code (e.g., Azure Policy, AWS SCPs), infrastructure-as-code standards, and automated compliance checks.
- Drive adoption and operationalization of CNAPP/CSPM/CWPP capabilities (where applicable), including posture monitoring, risk prioritization, and remediation workflows.
- Establish cloud security requirements for platform teams and product teams, including secure configuration baselines, logging/telemetry standards, and workload onboarding criteria.
- Influence budgets, tool selection, and prioritization for AI/cloud security investments and roadmap.
Required Qualifications
- 10+ years of progressive experience in cybersecurity, with substantial depth in cloud security engineering and architecture (Director level typically 12-15+ years), including responsibility for enterprise-scale control design and implementation.
- Strong hands-on experience securing modern cloud workloads and platforms, including containers/Kubernetes, CI/CD pipelines, infrastructure-as-code, secrets management, encryption/key management, centralized logging/telemetry, and workload identity/least privilege.
- Hands-on, practical experience securing AI/ML systems in production, including direct involvement in one or more of the following: Designing and implementing security controls for LLM and/or ML workloads hosted in cloud environments (training and/or inference), Securing MLOps/ModelOps pipelines (model build, artifact management, deployment, monitoring), including controls for artifact integrity, provenance/attestation, access governance, and secure release gates, Implementing protections and testing for AI-specific threats such as prompt injection, data poisoning, model theft/exfiltration, model inversion, membership inference, and supply chain compromise, Establishing runtime and application-layer controls for AI services (e.g., model endpoint security, API protection, egress controls, content filtering/validation, rate limiting, abuse detection), Implementing monitoring and detection for AI systems, including telemetry for model behavior, drift/anomaly signals, and security event integration into SIEM/SOAR.
- Proven ability to translate AI/cloud risks into actionable engineering roadmaps and to drive execution across a matrixed enterprise (Cloud Platform, Data, App Engineering, Security Operations).
- Excellent operational security foundation, including experience integrating cloud and AI telemetry into SIEM/EDR/XDR/SOAR workflows and improving detection and response outcomes.
- Excellent executive communication skills, including the ability to articulate AI and cloud security risks in terms of patient safety, regulatory exposure, operational resilience, and business impact.