Senior AI Security Architect
Grayscale Investments · Stamford, CT · 3 wk ago
HybridInformation TechnologyFull-time
Position Summary
Grayscale Investments is seeking a Senior AI Security Architect to partner with our AI Enablement squad and broader engineering organization to ensure the safe, controlled adoption of AI across the firm.
Responsibilities
- Partner with engineering teams to design secure AI-enabled systems and define the security requirements, controls, and guardrails necessary for production deployment.
- Develop and maintain AI security standards, reference architectures, and approved design patterns for AI-enabled applications, platforms, and workflows.
- Lead threat modeling, architecture reviews, and security assessments for AI use cases, identifying risks such as prompt injection, data leakage, model misuse, and unintended agent behavior.
- Define and implement controls to protect sensitive data, including access controls, data segregation, lifecycle management, logging, monitoring, and auditability requirements.
- Establish security requirements for enterprise AI platforms, including model access, tool permissions, integration patterns, and third-party AI provider usage.
- Define validation, monitoring, detection, and incident response requirements for AI-enabled systems and partner with engineering and security operations teams to ensure effective implementation.
- Define secure patterns for the use of AI throughout the software development lifecycle, including code generation, developer tooling, and AI-assisted engineering workflows.
- Assess and manage technical and operational risks associated with AI systems and third-party providers, including exception management, risk acceptance, and regulatory alignment.
- Partner with compliance, audit, and business stakeholders to ensure AI-enabled processes meet regulatory, control, and governance requirements.
- Stay current on emerging AI security risks, technologies, frameworks, and best practices, helping shape Grayscale's long-term AI security strategy.
Qualifications
- 7+ years of experience in cybersecurity, security engineering, application security, or security architecture.
- Experience designing and implementing security controls in cloud-native environments, preferably AWS.
- Strong understanding of security fundamentals including identity and access management, data protection, network security, monitoring, and incident response.
- Experience developing security standards, architecture patterns, and engineering guardrails for enterprise technology environments.
- Experience conducting threat modeling, architecture reviews, and security assessments for complex applications and platforms.
- Familiarity with AI/ML systems, including LLMs, agentic workflows, and AI-enabled application architectures.
- Strong programming and scripting capabilities (e.g., Python, Terraform, Infrastructure-as-Code) with the ability to review, analyze, and validate technical implementations.
- Strong understanding of modern software development practices including CI/CD, APIs, cloud-native architectures, and secure software development lifecycle (SSDLC) principles.
- Experience operating in regulated environments with strong control, audit, and compliance requirements, preferably within financial services.
- Strong communication skills with the ability to influence engineering teams and translate complex security risks into practical technical solutions.