Job Title:  Manager | Hybrid cloud | Bengaluru | Engineering | Hybrid Cloud Engineering

Job Title: Manager – Security & Compliance Architect (AI Infrastructure)

Role Overview

We are seeking a Manager-level Security & Compliance Architect to design and implement secure, compliant, and resilient AI infrastructure platforms, including GenAI, ML pipelines, and data ecosystems.

This role will focus on embedding security-by-design and compliance-by-default principles across AI systems, ensuring protection of data, models, and infrastructure while aligning with regulatory and industry standards.

Key Responsibilities

1. AI Security Architecture

• Design and implement end-to-end security architecture for AI/ML and GenAI platforms:
• Model training and inference environments
• LLM and API integrations
• Data pipelines, vector databases, and orchestration frameworks
• Define secure reference architectures for:
• Cloud-native AI platforms (Azure, AWS, GCP)
• Hybrid and multi-cloud deployments
• Implement defense-in-depth strategies across AI systems

2. AI-Specific Threat Modeling & Risk Management

• Conduct threat modeling for AI systems covering:
• Model poisoning
• Prompt injection and jailbreaking
• Data leakage and inference attacks
• Identify and mitigate AI-specific vulnerabilities across:
• Training data pipelines
• Model artifacts and endpoints
• Perform risk assessments and define mitigation strategies aligned to enterprise risk appetite

3. Compliance & Governance

• Ensure AI platforms adhere to global and regional standards such as:
• ISO 27001, SOC 2, NIST, CIS benchmarks
• GDPR, HIPAA (as applicable)
• Emerging AI regulations (e.g., EU AI Act, responsible AI guidelines)
• Define and implement:
• Data governance and privacy frameworks
• Model governance and lifecycle controls
• Support audit readiness, compliance reporting, and certifications

4. Identity, Access & Data Security

• Define and implement:
• Zero Trust architecture for AI platforms
• Fine-grained access controls (RBAC/ABAC)
• Secure:
• Training and inference data
• Model endpoints and APIs
• Secrets, tokens, and embeddings
• Implement encryption strategies:
• Data at rest and in transit
• Secure key management (HSM, KMS)

5. Secure AI Development & MLOps

• Embed security into:
• CI/CD and MLOps pipelines
• Model development and deployment lifecycle
• Implement:
• Secure coding and model development best practices
• Dependency and artifact security (SBOMs, vulnerability scanning)
• Establish controls for:
• Model versioning and integrity
• Supply chain security

6. Monitoring, Detection & Incident Response

• Design security monitoring for AI platforms:
• Anomalies in model outputs
• Data exfiltration attempts
• Unauthorized access patterns
• Integrate with enterprise:
• SIEM / SOAR platforms
• Threat intelligence systems
• Define incident response plans for AI-specific risks
• Conduct security drills and simulations

7. Tooling & Platform Enablement

• Implement and manage security tools such as:
• Cloud-native security (Defender, GuardDuty, Security Command Center)
• Container security (Aqua, Prisma, etc.)
• API security & gateways
• Evaluate and integrate AI security tools (prompt filtering, model monitoring, adversarial testing)
• Build automated guardrails using policy-as-code

8. Stakeholder Engagement

• Work with:
• AI/ML engineering teams
• Data science and platform teams
• Enterprise security and compliance groups
• Translate technical risks into business impact and compliance needs
• Support leadership with:
• Security posture reporting
• Risk dashboards and remediation plans

Required Qualifications

Experience

• 8–12 years of experience in:
• Cybersecurity architecture / cloud security
• Compliance and risk management
• 3–5+ years in cloud-native or AI/ML environments
• Hands-on experience in designing secure distributed systems

Core Skills

• Deep understanding of:
• Security architecture principles (Zero Trust, defense-in-depth)
• Cloud security frameworks and controls
• Compliance standards and regulatory frameworks
• Strong knowledge of:
• AI/ML lifecycle and associated risks
• Data security and privacy engineering

Technical Skills

• Cloud Platforms: Azure, AWS, GCP
• Security:
• IAM, encryption, network security, secrets management
• AI/ML:
• LLM APIs, model pipelines, data pipelines
• DevSecOps:
• CI/CD security, SAST/DAST, container security
• Tools:
• SIEM (Splunk, Sentinel), vulnerability management, API security

Leadership & Consulting Skills

• Strong stakeholder management and communication skills
• Ability to translate security into business and compliance outcomes
• Experience working in cross-functional teams and transformation programs

Preferred Qualifications

• Certifications:
• CISSP, CISM, CCSP
• Azure Security Engineer / AWS Security Specialty
• Exposure to:
• Responsible AI frameworks
• Privacy-enhancing technologies (PETs)
• Experience in:
• Multi-cloud and regulated environments (BFSI, healthcare, etc.)