AI Application Security Architect in charge of driving secure development lifecycle for AI systems across multi - cloud environments and hybrid platforms.
About the role
- Cyber Security SME ensuring the security and compliance of enterprise cloud applications. Collaborating across teams to achieve and maintain security authorization requirements.
Responsibilities
- Lead and coordinate efforts to obtain and maintain ATO/ATC for production systems, ensuring compliance with applicable security frameworks.
- Partner with Development, Cloud, and DevSecOps teams to integrate security throughout the SDLC and CI/CD pipelines, ensuring secure-by-design implementations.
- Review and contribute to system architectures, data flows, and Concept of Operations (CONOPS) documents to ensure alignment with Zero Trust principles and organizational security policies.
- Support and track the remediation of vulnerabilities and deficiencies identified through scans, assessments, and audits; create and manage Plans of Action & Milestones (POA&Ms) as required.
- Develop and maintain enterprise cybersecurity standards, guidelines, and best practices to ensure consistent implementation of security controls across all program systems.
- Support ongoing assessment and authorization (A&A) activities, including risk assessments, configuration management, and continuous monitoring reporting.
- Guide teams in applying Zero Trust Architecture (ZTA) principles—identity-centric access control, micro-segmentation, least privilege, and continuous validation—to all system designs and processes.
Requirements
- 5+ years of progressive experience in cybersecurity, with at least 3 years supporting federal ATO/ATC processes.
- In-depth knowledge of NIST RMF, FedRAMP, and Zero Trust Architecture frameworks.
- Experience collaborating with ISSOs, ISSMs, SCAs, and engineering teams.
- Familiarity with AWS cloud environments and DevSecOps pipelines.
- Strong technical understanding of network security, IAM, encryption, and vulnerability management.
- Excellent communication and coordination skills.
- Preferred Qualifications: CISSP, CISM, CAP, or equivalent cybersecurity certification.
- Experience with containerized applications, infrastructure as code (IaC), and continuous compliance tools.
Benefits
- Ability to Obtain a Public Trust clearance
Job title
Job type
Experience level
Salary
Not specified
Degree requirement
Tech skills
Location requirements
Security Project Manager responsible for managing cyber - security project delivery and ensuring quality execution in Bulgaria. Requires excellent communication skills and fluency in English.
Information Security professional managing governance, audit, and compliance in banking domain. Collaborating across teams to enhance security posture and control effectiveness.
IT Security Manager providing operational leadership for ICBC’s IT security program. Enhancing cyber security practices and managing security initiatives in a dynamic, hybrid cloud environment.
Security Officer ensuring safety and security of Yankee Candle assets and personnel. Responsiblities include monitoring, patrols, incident response, and safety training at the corporate campus.
Senior Specialist in Information Security Governance, Risk & Compliance at Cellulant, driving information security, privacy, and compliance standards within BFSI context.
Cloud Security & Application Security Engineer at Cellulant enhancing security across cloud - native platforms and applications. Working in a hybrid role to support a leading payment service provider in Africa.
IT Audit Consultant joining Baker Tilly to manage technology risks for clients, offering strategic advice and audit support. Engaging with client executives to ensure compliance and operational efficacy.
Senior Health and Safety Advisor overseeing health and safety on construction projects for Aecon. Ensuring compliance with SST legislation and promoting zero accident culture.
Senior Information Security Specialist executing Daikin Europe’s Information Security strategy. Collaborating with leadership to ensure our systems and services remain secure and compliant with regulations.