Principal Cybersecurity Architect Identity & Access Management for AI Systems
About the role
We are seeking a Principal Cybersecurity Architect to serve as a technical leader on identity and access management (IAM) for AI systems, large language models (LLMs), and autonomous AI agents. This is a position reserved for seasoned technical leaders who operate at the intersection of deep architecture expertise, enterprise-wide influence, and forward-looking security vision.
Key Responsibilities
Enterprise Vision: Act as the primary authority on AI identity security, providing guidance to executive leadership and engineering teams.
Cross-Functional Alignment: Drive strategy across cybersecurity, cloud platforms, GRC, legal, and business units.
Thought Leadership: Represent the organization in external forums, industry working groups, and vendor discussions regarding AI security standards.
Architecture Ownership: Define the long-term IAM architecture for AI systems and agents in cloud and hybrid environments, establishing reusable patterns and reference designs.
AI Agent Lifecycle & Governance: Identity Management: Oversee the full lifecycle for AI agents, from initial onboarding and cryptographic identity assignment to decommissioning.
Accountability: Maintain an unbroken chain of human ownership and traceability for all autonomous agents.
Access Control: Architect and enforce the Principle of Least Privilege (PoLP), Just-in Time (JIT), and Just-Enough-Access (JEA) patterns for AI workloads.
Compliance: Partner with GRC and privacy teams to ensure AI agent governance meets rigorous regulatory requirements.
Required Qualifications
Experience: 12+ years in cybersecurity, with a heavy emphasis on IAM.
Senior Leadership: 7+ years in Principal/Senior Architect roles for large-scale enterprise or cloud-native environments.
Cloud Expertise: Expert-level knowledge of AWS IAM (roles, policies, SCPs, federation) and AWS Identity Center.
AI Security: Proficiency with AWS Bedrock Identity/AgentCore and similar frameworks.
Conceptual Depth: Expert understanding of Zero Trust architecture and its application to AI/agentic workloads.
Communication: Exceptional ability to distill complex technical risks for executive stakeholders.
Preferred Qualifications
Multicloud: Experience with Microsoft Azure IAM (Entra ID, Managed Identities, Azure AI).
Governance Tools: Familiarity with IGA technologies (e.g., Saviyant) and NHI (Non Human Identity) governance.
Agentic Security: Knowledge of LLM-specific threats (OWASP LLM Top 10) and prompt injection mitigation.
Frameworks: Understanding of SPIFFE/SPIRE for workload identity.
Certifications: AWS Certified Security – Specialty, CISSP, CISM, or CCSP.
The First 12 Months
Measuring Success
30 Days: Establish core partnerships with AI Foundry and engineering leads.
60 Days: Complete an authoritative assessment of the current AI IAM risk posture.
90 Days: Publish the AI agent identity lifecycle framework and enterprise standards.
8–12 Months: Scale governance, implement recurring recertification campaigns, and integrate full IAM controls into the AI Foundry delivery pipeline.
Additional Information
GE Vernova offers a great work environment, professional development, challenging careers, and competitive compensation.
GE Vernova is an Equal Opportunity Employer.
Employment decisions are made without regard to race, color, religion, national or ethnic origin, sex, sexual orientation, gender identity or expression, age, disability, protected veteran status or other characteristics protected by law.
GE Vernova will only employ those who are legally authorized to work in the United States for this opening.
Any offer of employment is conditioned upon the successful completion of a drug screen (as applicable).
Relocation Assistance Provided: No
Application Deadline
July 17, 2026
Available Benefits
Medical, dental, vision, and prescription drug coverage.
Access to Health Coach from GE Vernova, a 24/7 nurse-based resource.
Access to the Employee Assistance Program, providing 24/7 confidential assessment, counseling and referral services.
Retirement benefits include the GE Vernova Retirement Savings Plan, a tax-advantaged 401(k) savings opportunity with company matching contributions and company retirement contributions, as well as access to Fidelity resources and financial planning consultants.
Tuition assistance, adoption assistance, paid parental leave, disability benefits, life insurance, 12 paid holidays, and permissive time off.