Sr. Security Architect - 11104
US RemoteFull-TimeLeadOther
What You'll Do:
- Secure Architecture: Design, develop, and implement secure architectural solutions for applications, systems, and networks, with a primary focus on AI/ML pipelines and Large Language Model (LLM) deployments.
- Risk Assessments: Conduct security assessments and risk analyses of existing and proposed systems, including adversarial threat modeling.
- Standards & Policies: Develop and maintain security standards, policies, and procedures including for the ethical and secure use of AI.
- Expert Advisory: Provide expert guidance on security best practices to data science, development, and operations teams.
- Regulatory Alignment: Collaborate with compliance and legal teams to ensure adherence to regulatory requirements like GDPR and emerging AI-specific laws.
- Vendor Reviews: Participate in security reviews of third-party AI vendors and foundational model providers.
- Compliance Management: Support security assessments, including ISO 27001 and ISO 42001 (AI Management System).
- Mentorship: Mentor junior security professionals on AI safety and security engineering.
- Technical Documentation: Create high-quality technical documentation and data flow diagrams (DFDs) for AI and other data processing environments
What You Will Bring to Coupa:
- Education and Experience
- Degree: Bachelor's degree in Computer Science, Information Security, or a related field. Master’s degree preferred.
- Experience: Minimum of 10 years in information security, with at least 5 years in a security architecture role.
- Technical Skills
- Frameworks: Strong understanding of security frameworks and standards, including NIST AI RMF, ISO 27001, and CIS.
- Cloud Security: Proficiency in designing secure architectures for cloud environments (AWS, Azure, GCP) hosting AI workloads.
- Application Security: Knowledge of secure coding principles and application security best practices, including the OWASP Top 10 for LLMs.
- Network Security: Familiarity with network security protocols and technologies (TCP/IP, VPN, DNS, SSL/TLS).
- Identity Management: Experience with identity and access management (IAM) solutions for human and machine identities.
- Cryptography: Understanding of cryptography and secure communication protocols.
- Soft Skills
- Problem-Solving: Excellent analytical and problem-solving skills.
- Communication: Ability to explain complex security and AI concepts to both technical and non-technical audiences.
- Collaboration: Ability to work independently and as part of a cross-functional team.
- Preferred Certifications
- Generative AI for Cybersecurity Professionals
- CERT Applied Data Science for Cybersecurity Professionals
- Certified Information Systems Security Professional (CISSP)
- Information System Security Architecture (CISSP-ISSAP)
