AI Security Architect

Provide architectural leadership and technical direction for secure AI adoption across application, platform, and product engineering teams, with a focus on practical security design, responsible AI, enterprise risk reduction, and scalable review processes. Research AI models, AI application architectures, agentic workflows, retrieval-augmented generation, model orchestration, prompt engineering, model context protocols, and emerging AI security issues to identify risks and actionable mitigations for UKG systems. Develop, document, and maintain reusable AI security architecture patterns, reference designs, control patterns, review checklists, and decision frameworks that can be consistently applied across multi-tenant SaaS and cloud environments. Design and build reusable security harnesses, prototypes, automation, and internal tools that help the security team review AI-enabled applications faster, validate control effectiveness, identify design gaps, and improve review quality. Integrate AI capabilities into the application security architecture review process, including opportunities to use AI-assisted analysis, secure design generation, threat modeling support, control mapping, code and configuration review, and evidence summarization. Evaluate AI development tools and coding assistants such as GitHub Copilot, Claude Code, OpenAI Codex, and similar platforms, and define secure usage patterns, guardrails, and review practices for enterprise engineering teams. Partner with internal security, engineering, product, privacy, legal, compliance, and governance teams to align AI security architecture with business requirements, secure SDLC expectations, responsible AI principles, and customer trust obligations. Lead threat modeling and security design reviews for AI-enabled features, machine learning systems, data pipelines, model integrations, plugins, agents, vector databases, prompt chains, and third-party AI services. Apply and interpret relevant AI and security standards, frameworks, and risk models, including OWASP Top 10 for LLM Applications, OWASP Machine Learning Security Top 10, MITRE ATLAS, NIST AI RMF, secure SDLC practices, and other applicable industry guidance. Define security requirements for data protection, identity and access management, authorization, auditability, model input and output handling, prompt injection resistance, jailbreak resilience, sensitive data exposure prevention, model supply chain risk, and secure integration with enterprise systems. Create proof-of-concepts and production-quality accelerators using programming languages and platforms such as Python, Java, APIs, cloud services, CI/CD tooling, and AI development frameworks to support rapid experimentation and delivery. Stay current on AI security research, model capabilities, adversarial techniques, AI governance practices, and emerging regulatory and industry expectations; translate findings into practical guidance for UKG teams. Mentor engineers, security architects, developers, and security champions on secure AI design, responsible AI practices, secure coding with AI tools, threat modeling, and effective use of security automation. Communicate complex AI security risks, design tradeoffs, patterns, and recommendations clearly to senior management, architects, engineering teams, and cross-functional stakeholders. Bachelor's degree in Computer Science, Engineering, Machine Learning, Artificial Intelligence, Cybersecurity, or a related field, or equivalent work experience. Minimum 12 years of software engineering, security architecture, security engineering, or related experience, with 4+ years of hands-on experience in machine learning, AI, or AI-enabled application development. Demonstrated experience researching, designing, building, or reviewing AI/ML systems, including model integration, AI application architecture, data pipelines, evaluation workflows, and AI-enabled product features. Strong hands-on development skills with Python and Java, with the ability to rapidly prototype, build, test, and operationalize applications, automations, harnesses, APIs, and internal tools. Practical experience using AI development and productivity tools such as GitHub Copilot, Claude Code, OpenAI Codex, and comparable AI-assisted coding, analysis, and automation platforms. Strong understanding of application security architecture, secure design, secure SDLC, threat modeling, code review, security testing, vulnerability management, and DevSecOps practices. Knowledge of AI security risks such as prompt injection, insecure plugin or tool use, training data poisoning, model inversion, sensitive data disclosure, insecure output handling, excessive agency, model supply chain risk, and evaluation bypass. Experience applying security and AI risk frameworks such as OWASP, MITRE ATLAS, NIST, ISO, and responsible AI or secure AI governance practices. Experience designing security controls for authentication, authorization, federation, OAuth/OIDC, MFA, cryptography, auditing, API security, secrets management, data security at rest and in transit, and cloud-native architectures. Experience with cloud platforms such as Google Cloud, AWS, or Azure, including AI/ML services, identity and access patterns, logging, monitoring, and security capabilities. Ability to convert research into practical reusable patterns, reference architectures, standards, engineering guidance, review templates, and automation that improve security team efficiency. Excellent written and verbal communication skills, with the ability to influence senior leaders, partner with engineering teams, and explain AI security risks in business, architectural, and engineering terms. Strong collaboration and leadership skills, including the ability to mentor others, drive cross-functional alignment, and deliver results in a fast-moving product engineering environment.