SIGNUP
Back to Jobs
XX
Principal Cloud Security ArchitectOpIrvine, California, United States
Find similar jobs

This job offer is no longer available

XX

Principal Cloud Security Architect

Op
  • US
    Irvine, California, United States
  • US
    Irvine, California, United States
Find similar jobs

About

Are you a visionary security leader with a passion for innovation? We’re seeking a Principal Cloud Security Architect to define and drive our organization’s security strategy in the cloud and AI landscape. In this pivotal role, you will collaborate across Infrastructure, Engineering, and Data/AI teams to design and implement cutting-edge security solutions that safeguard our digital ecosystem. Bringing a hands‑on engineering mindset, you’ll analyze code, identify vulnerabilities, automate security processes, and develop scalable detection and remediation tools. Your leadership will be instrumental in building resilient, secure, and developer‑friendly cloud and AI platforms that empower our organization to innovate confidently. Key Responsibilities Include
Defining cloud and AI security architecture patterns and standards based on industry best practices. Collaborating with architects, developers, and security engineers to design and implement secure, code‑driven controls across cloud and AI/ML systems. Driving security governance across multi‑cloud and AI platforms with a strong focus on automation and engineering‑led security practices. Leading efforts to identify vulnerabilities in application and infrastructure code, including misconfigurations, insecure patterns, and logic flaws. Building and enabling automated detection, threat hunting, and response capabilities through code and tooling. Supporting incident response efforts, including AI/ML‑specific threats, while developing reusable automation for containment and remediation.
Key Responsibilities
Cloud & AI Security Strategy & Architecture:
Lead the development of cloud and AI security architecture strategy with a strong emphasis on security engineering and automation‑first design. Define and implement “Security as Code” practices, embedding controls into infrastructure (IaC), CI/CD pipelines, and MLOps workflows. Design solutions integrating frameworks (NIST, ISO, SABSA, NIST AI RMF, OWASP Top 10 for LLMs) into developer‑friendly and code‑enforced architectures. Partner closely with engineering teams to ensure security is embedded in code, pipelines, and runtime environments—not just policies. Act as a senior advisor on secure coding, secure architecture patterns, and AI security adoption.
Risk & Threat Management:
Lead cloud and AI security assessments with a focus on code‑level and architecture‑level vulnerabilities. Establish threat modeling practices that include application logic, APIs, microservices, and ML models. Build and enhance threat detection and hunting capabilities using automation, scripting, and custom tooling. Integrate security telemetry into engineering‑driven detection pipelines (SIEM, SOAR, custom scripts, APIs). Guide incident response with an emphasis on automated response playbooks and repeatable remediation workflows.
Secure Development, AI/ML Security & Data Protection:
Build and evolve SSDLC into a developer‑centric, automation‑driven Secure SDLC, including SAST, DAST, SCA, and IaC scanning. Extend practices into Secure ML Lifecycle (SMLC) with secure MLOps/LLMOps pipelines. Review and analyze application code, APIs, and infrastructure‑as‑code (Terraform, CloudFormation, etc.) for security flaws. Develop and maintain security automation scripts, tools, and integrations to improve detection, response, and compliance. Implement controls for LLM and AI systems, including prompt security, output validation, and data protection. Ensure secure handling of training data, pipelines, and model artifacts.
Technology Enablement & Vendor Management:
Evaluate and implement cloud and AI security tools with a focus on API‑driven integration and extensibility. Lead development of custom security tooling and automation frameworks where off‑the‑shelf solutions fall short. Mentor teams on secure coding, automation, and building security into engineering workflows. Stay current with evolving threats in cloud, software supply chain, and AI ecosystems.
Education
A bachelor’s degree in Computer Science, Engineering, or a related technical field is required.
Experience
15+ years of experience in Information Security, with a strong foundation in software engineering or development. Minimum 5 years in Security Architecture with hands‑on engineering involvement. Strong background in software development, security engineering, or DevSecOps. Minimum 5 years in cloud environments (AWS, Azure, GCP). Proven experience building or contributing to security automation, tooling, or platforms. Demonstrated ability to read, understand, and review code for security vulnerabilities. Experience working closely with engineering teams in agile/DevOps environments. Strong leadership and communication skills.
Technical Expertise
Deep understanding of cloud‑native and AI security principles, including:
Cloud Architecture & Networking. Identity & Access Management (IAM). CI/CD and DevSecOps pipelines. Infrastructure as Code (Terraform, CloudFormation, etc.). Secrets Management & Data Protection. Logging, Detection, and Incident Response. Container & Kubernetes Security.
Security Engineering & Coding Skills.
Strong proficiency in one or more programming/scripting languages (e.g., Python, Go, Java, JavaScript). Ability to analyze application code and APIs for vulnerabilities. Experience building automation for detection, response, and remediation. Hands‑on experience with API integrations, event‑driven architectures, and security tooling automation.
AI/ML Security.
Understanding of model security, adversarial ML, prompt injection, and data poisoning. Experience securing MLOps/LLMOps pipelines and AI‑enabled applications.
Frameworks & Standards.
CIS Benchmarks, Cloud Security Alliance (CSA). NIST SP standards (800‑144, 800‑145, etc.). NIST AI Risk Management Framework (AI RMF). OWASP Top 10 for LLM Applications. Privacy and regulatory frameworks (GDPR, HIPAA, PCI‑DSS, etc.).
Certifications (Preferred, But Strongly Desired)
Mandatory / Strongly Preferred:
AWS Certification (minimum AWS Certified Cloud Practitioner). Advanced AWS certifications (Solutions Architect, Security Specialty) are highly preferred.
Alternative / Supplemental:
Google Cloud certifications (e.g., Professional Cloud Security Engineer).
Security Certifications:
CISSP, CISM, GIAC, etc. AI/ML Security Certifications (Nice to Have).
Benefits
401(k). Dental Insurance. Health insurance. Vision insurance. We are an equal‑opportunity employer and value diversity, equality, inclusion, and respect for people. The salary will be determined based on several factors, including, but not limited to, location, relevant education, qualifications, experience, technical skills, and business needs.
Additional Responsibilities
Participate in OP monthly team meetings and participate in team‑building efforts. Contribute to OP technical discussions, peer reviews, etc. Contribute content and collaborate via the OP‑Wiki/Knowledge Base. Provide status reports to OP Account Management as requested.
#J-18808-Ljbffr
  • Irvine, California, United States

Languages

  • English
Notice for Users

This job was posted by one of our partners. You can view the original job source here.

Find similar jobs