Security Architect - Architecture Review, GenAI & Governance

Security Architect – Architecture Review, GenAI & Governance

Location: Phoenix, AZ (Hybrid)

We are seeking an experienced Security Architect with deep expertise in enterprise security architecture, architecture governance, cloud security, application security, and emerging AI technologies. The successful candidate will play a critical role in reviewing enterprise architectures, authoring Architecture Decision Records (ADRs), and ensuring secure adoption of Generative AI (GenAI) and Agentic AI solutions across the organization.

This role requires strong hands-on experience in security architecture reviews, threat modeling, cloud security assessments, application security, SaaS security, network security, and AI governance.

Key Responsibilities

• Lead enterprise security architecture reviews, tiger team assessments, and Security Architecture Review Board (SARB) evaluations.
• Review solution architectures, Architecture Decision Records (ADRs), and technical designs for security risks and compliance requirements.
• Provide actionable recommendations and remediation guidance for architecture gaps.
• Ensure alignment with enterprise security standards, regulatory requirements, and risk management frameworks.

GenAI & Agentic AI Security

• Review and assess Generative AI, LLM, RAG, Copilot, and Agentic AI architectures.
• Evaluate controls related to:
• Prompt Injection Protection
• Data Leakage Prevention
• Model Security
• AI Governance
• Agent Authorization & Oversight
• Secure Multi-Agent Orchestration
• Define guardrails and governance controls for AI-enabled platforms.
• Support secure implementation of Azure OpenAI, Vertex AI, OpenAI APIs, and enterprise AI solutions.

Application & API Security

• Conduct application security architecture reviews.
• Evaluate authentication, authorization, encryption, secrets management, and API security controls.
• Lead threat modeling exercises for modern web, cloud-native, and AI-enabled applications.
• Assess CI/CD security practices and secure software development lifecycle (SSDLC) implementation.

Cloud Security Architecture

• Review cloud architectures across AWS, Azure, and GCP.
• Evaluate IAM, network segmentation, data protection, container security, and cloud-native security services.
• Perform security posture assessments and architecture risk evaluations.
• Define secure reference architectures and cloud security patterns.

Data & Platform Security

• Review database architectures and data protection strategies.
• Assess encryption, key management, cryptographic controls, and data governance frameworks.
• Evaluate security architectures supporting:
• PostgreSQL
• Big Data Platforms
• SaaS Solutions
• Enterprise Integration Platforms

Architecture Decision Records (ADR) & Documentation

• Author and maintain ADRs, security patterns, standards, and reference architectures.
• Clearly document decisions, alternatives, trade-offs, risks, and security controls.
• Utilize AI-assisted review techniques while maintaining human accountability and governance.

Security Leadership

• Mentor architects and engineering teams on secure-by-design principles.
• Drive adoption of security best practices across application, cloud, network, SaaS, and AI domains.
• Partner with enterprise architecture, engineering, compliance, and risk management teams.

Required Skills & Experience

• Enterprise Security Architecture
• Application Security (AppSec)
• API Security
• SaaS Security
• Network Security (NetSec)
• Cloud Security Architecture
• Threat Modeling
• Security Governance
• Security Reviews & Tiger Team Assessments

AI & Emerging Technologies

• Generative AI Security
• Agentic AI Security
• Large Language Models (LLMs)
• Retrieval-Augmented Generation (RAG)
• AI Governance & Risk Management
• Secure AI Development Lifecycle

Technical Expertise

• AWS
• Azure
• GCP
• API Security
• Cryptography
• Database Architecture & Design
• PostgreSQL
• Big Data Security
• GitHub
• GitLab
• Bitbucket
• ServiceNow
• Palo Alto Technologies

Preferred Tools & Frameworks

• LangChain
• OpenAI Platform
• Guardrails AI
• Vertex AI
• Azure OpenAI
• OWASP ASVS
• NIST CSF
• NIST AI RMF
• SABSA
• TOGAF
• Zero Trust Architecture

Qualifications

• Bachelor's or Master's degree in Computer Science, Cybersecurity, Information Security, or related discipline.
• 7+ years of Security Architecture experience.
• Proven experience conducting enterprise architecture reviews and authoring ADRs.
• Experience designing and securing AI-enabled enterprise platforms.
• Strong communication, documentation, and stakeholder management skills.

Preferred Certifications

• CISSP
• CCSP
• SABSA
• TOGAF
• AWS Security Specialty
• Azure Security Engineer
• Google Professional Cloud Security Engineer
• NIST AI RMF Certification
• Azure AI Engineer Associate

Success Measures

• Secure adoption of GenAI and Agentic AI capabilities.
• High-quality architecture reviews and ADR production.
• Reduced security risks through proactive architecture engagement.
• Improved governance and consistency across enterprise security initiatives.
• Recognition as a trusted advisor and thought leader in enterprise security architecture and AI governance.