GenAI Cloud Security Chief Architect jobs in United States
cer-icon
Apply on Employer Site
company-logo

S&P Global · 11 hours ago

GenAI Cloud Security Chief Architect

positionPrinceton, NJ
timeFull-time
remoteOnsite
senioritySenior Level, Lead/Staff
money$166K/yr - $213K/yr
date10+ years exp

S&P Global is seeking a seasoned GenAI Cloud Security Chief Architect to design, implement, and enhance their enterprise AI security posture across major cloud providers and on-prem/edge environments. The role involves owning the AI risk framework, performing security architecture reviews, and leading the secure design and deployment of AI agents.

AnalyticsBusiness IntelligenceCreditEnterprise SoftwareFinanceFinancial ServicesInformation ServicesMarket Research
check
Culture & Values
check
H1B Sponsor Likelynote

Responsibilities

Define and operationalize the AI Security Strategy covering models (foundation, open‑source, fine‑tuned), data pipelines, orchestration layers, agents, and integrations across AWS, Azure, GCP, and OCI
Establish and maintain an AI Risk Framework (e.g., NIST AI RMF, ISO/IEC 23894), mapping to enterprise risk taxonomy, control objectives, and regulatory requirements (e.g., SOC 2, ISO 27001, NIST 800‑53, CSA CCM)
Create AI security policies and standards (prompt safety, model access control, agent permissions, data retention, evaluation criteria, provenance & watermarking) and drive adoption across product and platform teams
Lead AI Security Governance forums with Legal, Compliance, Privacy, Risk, and Data teams; champion secure‑by‑design and privacy‑by‑design principles
Perform Security Architecture Reviews for AI systems: Models: hosted (Azure OpenAI, Bedrock, Vertex AI), self‑hosted (Open source, on‑prem GPUs), retrieval augmented generation (RAG). Agents: MCP servers, ACP patterns, A2A (Agent‑to‑Agent) communication, tool/plugin ecosystems, vector DBs, function calling. Pipelines: data ingestion/ETL, feature stores, prompt libraries, guardrails, evaluators, and observability
Develop and maintain security reference architectures for multi‑cloud AI workloads, including: Identity & Access (IAM, workload identity federation, secrets & key management). Network segmentation, private connectivity, service endpoints, API gateways. Data security (classification, tokenization, encryption, confidential computing, secure enclaves). Model security (supply chain, signing, attestation, integrity verification, model provenance)
Design and implement agent safety controls: sandboxing, least‑privilege tooling, capability constraints, policy enforcement (RBAC/ABAC), prompt injection defenses, jailbreak & prompt‑leak mitigation, safe tool‑use patterns
Build secure AI agents and MCP/ACP/A2A integrations (e.g., tools for enterprise systems like ticketing, knowledge bases, DevOps, and cloud APIs), including: Runtime isolation (containers, microVMs), egress controls, command filtering, and audit trails. Safety guardrails: content filters, toxicity checks, output validation, semantic gateways. Observability: telemetry, tracing, prompt/result logging, risk scoring, red‑team feedback loops
Embed LLMOps/MLOps security in CI/CD: model artifact scanning, dependency SBOMs, policy‑as‑code, attestation, and controlled promotion through environments
Implement continuous evaluation and guardrails: adversarial prompts, scenario‑based testing, safety & accuracy metrics, drift detection, hallucination tracking, bias & fairness assessments
Map AI controls to regulatory frameworks (e.g., financial sector, privacy laws including GDPR/CCPA/GLBA)
Partner with Cloud Architecture, Data Science, and Cloud Platform teams to deliver secure AI features at speed without compromising risk posture
Educate and enable engineering teams: playbooks, secure coding guidelines for agents, prompt hygiene, model evaluation standards, and threat modeling workshops
Communicate risk and value trade‑offs to executives; produce clear dashboards and reports on AI security KPIs, incidents, and risk reduction

Qualification

Cloud SecurityAI Security StrategySecurity Architecture ReviewsMulti-cloud ExpertiseSecurity EngineeringAI/ML KnowledgeThreat ModelingPrivacy ComplianceData SecuritySoft Skills

Required

10+ years in Information Security with 4+ years in cloud security and 2+ years in AI/ML or LLMOps security
Hands‑on multi‑cloud expertise: AWS: IAM, KMS, PrivateLink, Bedrock, SageMaker, GuardDuty, CloudTrail. Azure: Entra ID, Key Vault, Private Endpoints, Azure OpenAI, ML, Defender for Cloud. GCP: IAM, KMS, VPC‑SC, Vertex AI, Cloud Armor, Audit Logs. OCI: IAM, Vault, Service Gateway, Data Science, Logging & Events
Security engineering proficiency: Zero Trust, policy‑as‑code (OPA/Conftest), secrets management (HashiCorp Vault), container security, SBOMs, SLSA, Sigstore
AI/LLM stack knowledge: RAG patterns, vector databases (Pinecone/Weaviate/FAISS), prompt engineering, guardrails (e.g., policy filtering), evaluation frameworks, agent orchestration (MCP/ACP/A2A, function/tool calling)
Threat modeling and offensive testing for AI systems, including prompt injection and agent misuse
Strong understanding of privacy and compliance impacting AI (GDPR, CCPA, GLBA, sector‑specific regs)

Preferred

Experience deploying agentic AI in production with secure toolchains and runtime isolation
Familiarity with confidential computing (AMD SEV, Intel SGX, Azure Confidential Computing, Nitro Enclaves) and privacy‑preserving ML (differential privacy, federated learning, homomorphic encryption)
Experience with model risk management and AI explainability/traceability (provenance, watermarking, evaluation pipelines)
Background in financial services or other highly regulated industries
Expertise with data governance (catalogs, lineage, quality) and security posture management (CSPM/CNAPP) for AI workloads

Benefits

Health & Wellness: Health care coverage designed for the mind and body.
Flexible Downtime: Generous time off helps keep you energized for your time on.
Continuous Learning: Access a wealth of resources to grow your career and learn valuable new skills.
Invest in Your Future: Secure your financial future through competitive pay, retirement planning, a continuing education program with a company-matched student loan contribution, and financial wellness programs.
Family Friendly Perks: It’s not just about you. S&P Global has perks for your partners and little ones, too, with some best-in class benefits for families.
Beyond the Basics: From retail discounts to referral incentive awards—small perks can make a big difference.

Company

S&P Global

twittertwittertwitter
Glassdoor4.1
company-logo
S&P Global is a market intelligence company that provides financial information and data analytics services.
dateFounded in 1860
location
New York, New York, USA
people-size10001+ employees
web-link
https://www.spglobal.com

H1B Sponsorship

S&P Global has a track record of offering H1B sponsorships. Please note that this does not guarantee sponsorship for this specific role. Below presents additional info for your reference. (Data Powered by US Department of Labor)
Distribution of Different Job Fields Receiving Sponsorship
Represents job field similar to this job
Trends of Total Sponsorships
2025 (28)
2024 (26)
2023 (30)
2022 (38)
2021 (46)
2020 (38)

Funding

Current Stage
Public Company
Total Funding
$1.75B
2025-12-01Post Ipo Debt· $1B
2023-09-07Post Ipo Debt· $750M
2016-04-28IPO

Leadership Team

leader-logo
Martina Cheung
President and CEO
linkedin
leader-logo
Rick Goldberg
Chief Financial Officer Market Intelligence
linkedin

Recent News

PR Newswire
S&P Global Completes Sale of EDM and thinkFolio Businesses
2026-01-12
Coinspeaker
JPMorgan Deploys JPM Coin on Canton Network, Extending Blockchain Strategy
2026-01-07
The Motley Fool
Why S&P Global Stock Bumped 4% Higher Today
2026-01-06
Company data provided by crunchbase