SIGNUP
Back to Jobs
XX
Sr. Information Security Architect - AI & Cloud SecurityBank of AmericaSeattle, Washington, United States
Apply Now
XX

Sr. Information Security Architect - AI & Cloud Security

Bank of America
  • US
    Seattle, Washington, United States
  • US
    Seattle, Washington, United States
Apply Now

About

Position Overview The Sr. Information Security Architect – AI & Cloud Security is a senior member of the BISO Secure Solutions Design team responsible for defining secure architecture patterns, assessing emerging AI/ML solutions, and ensuring alignment with Global Information Security policies and enterprise architecture strategies. Key Responsibilities Develop and maintain secure design patterns and controls for AI/ML solutions, including LLMs, RAG architectures, vector databases, and enterprise AI agents. Define a secure operating environment and ensure alignment with enterprise architecture strategy and GIS standards. Evaluate system impacts, data flows, integration points, and non‑functional requirements such as security. Provide solution options to resolve architectural constraints and remove design impediments. Participate in design reviews, feature decomposition, and technical governance for AI‑enabled platforms and SDLC‑integrated developer tools. Conduct AI‑specific risk assessments using frameworks including MITRE ATLAS, OWASP Top 10 for LLMs/GenAI, and NIST AI RMF. Perform detailed threat modeling (STRIDE or equivalent) for cloud, application, data, and AI use cases. Identify risks such as prompt injection, model/data poisoning, data leakage, model theft, hallucinations, and supply‑chain risk across model, dataset, and embedding ecosystems. Define compensating controls and architectural safeguards for AI/ML pipelines, including input/output filtering, retrieval restrictions, data minimization, privacy controls, and identity boundaries. Work across lines of business, operations, enterprise architecture, data science, and development teams to ensure clear solution intent and secure‑by‑design outcomes. Translate policy and standards into actionable architecture guidance for delivery teams. Educate partners on architectural best practices, security control requirements, and evolving AI threat landscapes. Support technology stack evaluations and selection of secure tools, platforms, and third‑party integrations. Provide architecture review documentation, data flow diagrams, and risk summaries to support governance processes. Required Qualifications 8+ years of experience in information security or enterprise architecture, with recent focus on AI/ML or Generative AI security. Proven experience performing secure architecture assessments, design reviews, and threat models for complex, integrated systems. Strong understanding of Generative AI, LLM risk, and security frameworks (MITRE ATLAS, OWASP LLM Top 10, NIST AI RMF). Broad experience across cloud platforms (AWS), identity, key management, secrets management, networking, containers, and API security. Expertise in interpreting and applying internal security policies, standards, and controls. Strong communication skills with the ability to convey complex technical concepts to technical and non technical audiences, including senior leadership. Demonstrated ability to drive decisions, collaborate across teams, and balance risk vs. business needs. Hands‑on experience preparing technical diagrams and threat models. Desired Qualifications Experience with advanced developer tools such as GitHub Copilot, Microsoft Copilot Studio, or similar AI coding assistants. Certifications such as CISSP, CISM, CCSP, CCSK, CRISC, or cloud architecture/security certifications. Familiarity with agile methodologies, DevOps practices, CI/CD pipelines, and developer experience platforms. Experience in financial services or other regulated industries. Skills Analytical Thinking Architecture Result Orientation Solution Design Technical Strategy Development Application Development Collaboration Data Management DevOps Practices Risk Management Agile Practices Automation Influence Solution Delivery Process Test Engineering Shift & Hours Shift: 1st shift (United States of America). Hours per week: 40.
#J-18808-Ljbffr
  • Seattle, Washington, United States

Languages

  • English
Notice for Users

This job comes from a TieTalent partner platform. Click "Apply Now" to submit your application directly on their site.

Apply Now