AI Security Architect
Promantus Inc · Plano, TX · 1 mo ago
Information TechnologyFull-time
Key Responsibilities
- Design enterprise-grade security architectures for AI, GenAI, LLM, and Agentic AI platforms.
- Build secure AI environments for: LLM applications, multi-agent systems, Autonomous AI workflows, Agentic RAG architectures, Vector databases, and model serving platforms. Implement secure AI gateways and AI orchestration frameworks.
- AI Threat Modeling: Develop threat models covering the following threats: Prompt injection, Jailbreaking, Data exfiltration, Model theft, Agent compromise, Memory poisoning, Cross-tenant attacks, Insider threats, and AI-generated malicious content.
- Knowledge of AI OWASP top 10 threats and mitigation strategies and hands-on experience with MITRE ATLAS.
- Design architectures that secure a multi-tenant AI environment: Tenant isolation, Data Protection (encryption and secrets management, secure token handling), AI Access Control (RBAC, ABAC, Context-aware, zero-trust).
- RAG Security Architecture: Data Leakage prevention, Vector database security (Namespace isolation, Tenant-specific embeddings), Retrieval Governance.
- AI Gateway Security Architecture and Agent Security: Incoming prompt inspection and protection, outgoing response data protection and compliance policies enforcement.
- AI Guardrails Architecture: Input Guardrails (prompt sanitization, classification, and injection detection), Retrieval Guardrails (access verification, data sensitivity checks), and Output Guardrails (data leakage, hallucination check, regulatory and compliance check).
- Define AI security governance - Establish AI security standards, conduct architecture reviews, define security patterns and reusable controls.
Experience
- 5+ years designing cloud-native security solutions (preferably Azure).
- 3+ years securing AI/ML platforms.
- Experience with LLM security and hands-on experience with MITRE ATLAS
- Experience with agentic AI architectures.
- Experience with AI governance and risk management.
- Hands-on experience in securing LLM-based deployments/applications/servers and MCP-based ecosystems.