Jobs · Art & Creative

Principal Architect, AI-Native Security

World Wide Technology · United States · 2 wk ago
RemoteRemoteArt & Creative$170k–$200k/yrFull-time

About the role

The Solutions Consulting & Engineering (SC&E) Team at WWT is Customer Focused and Solutions Led. We deliver end-to-end and emerging solutions to drive customer satisfaction, increase profitability and growth. Our success is enabled by our world-class management consulting, delivery excellence, and engineering brilliance.

Responsibilities

  • Set and maintain architectural standards across all Digital + Security offerings, ensuring repeatability, quality, and margin integrity across engagements.
  • Own the technical SOW narrative: scope definitions, assumptions, acceptance criteria, and phasing for all practice engagements.
  • Lead technical discovery workshops on strategic or complex engagements — assessing current-state AI and SDLC maturity, identifying security exposure, and defining target architecture; hand off day-to-day discovery execution to the Consultant on standard engagements.
  • Co-present findings and solution designs alongside the Consultant at CISO, CTO, and CIO-level stakeholders — providing architectural depth and translating between engineering complexity and business risk language.
  • Mentor the AI Security Consultant and AI Security Engineer; serve as the senior escalation point on delivery across all engagements.
  • Get hands-on with prototypes and proof-of-concept implementations — leveraging AI-assisted development tools to move quickly from architectural concept to working demo, helping the practice stay ahead of a fast-moving threat and technology landscape.
  • Collaborate with WWT partner ecosystem (Palo Alto, Cisco, Microsoft, AWS, Snyk) to integrate partner capabilities into joint architectures.
  • Own the technical architecture of the AI-native security agentic system end-to-end — from initial implementation through iterative evolution; incorporating lessons from client engagements, emerging threat models, and partner capability changes into versioned architectural updates that propagate across all active and future deployments, establishing the framework within which the AI Security Engineer implements and customizes solutions for individual client engagements.
  • Define the architectural approach to AI governance and compliance for regulated client environments — establishing the design patterns for audit trails, model provenance, data lineage, and access logging that the AI Security Engineer implements, ensuring they hold up to regulatory scrutiny in sectors such as banking and financial services.
  • Actively track the evolving AI threat and adversarial research landscape — monitoring emerging attack techniques against agentic systems, evaluating their relevance to the practice’s client base, and feeding findings back into architectural standards, offering updates, and team knowledge; this is an ongoing responsibility, not a background activity.
  • Contribute to practice growth: offering development, reusable accelerators, and go-to-market positioning in partnership with practice leadership.

Qualifications

  • 8-12 years in solutions architecture; T-shaped profile with deep expertise across both AI/ML systems and security architecture, and enough breadth across the broader technology landscape to contribute credibly beyond the security domain when needed.
  • Comfortable getting hands dirty — uses AI-assisted development tools to prototype and validate ideas quickly; treats implementation as a thinking tool, not just a downstream deliverable.
  • Proactive and curious by default — tracks the AI security landscape independently, brings new ideas to the practice without waiting to be asked, and finds ways to move fast in ambiguous situations.
  • Deep cloud architecture experience (Azure, AWS, or GCP) with security-native design patterns: zero trust, least privilege, IAM/NHI design.
  • Familiarity with MITRE ATT&CK, OWASP (traditional and Agentic Top 10), NIST AI RMF — able to apply them in architecture design, not just cite them.
  • Strong SDLC and DevSecOps architectural knowledge — understands where security controls fit in the development lifecycle.
  • Experience in professional services, consulting, or managed services delivery — knows how to scope work, protect margin, and manage client expectations.
  • Demonstrated ability to define and own SOW language, acceptance criteria, and delivery phasing.

Similar jobs