Principal Cloud and AI Security Architect

Principal Cloud and AI Security Architect OrangePeople - 5.0 Newport Beach, CA Job Details Contract From $75 an hour 1 hour ago Benefits Health insurance Dental insurance 401(k) Vision insurance 401(k) matching Qualifications Security engineering Information security IT security architecture Cloud Architecture Design (Architecture design skills) Full Job Description Are you a visionary security expert with a passion for innovation and hands-on engineering? We're looking for a Principal Cloud and AI Security Architect to lead our organization's quest for a secure, cutting-edge cloud ecosystem. In this strategic role, you'll collaborate across Infrastructure, Engineering, and Data/AI teams to craft and implement transformative security strategies that keep us ahead of the curve. With your deep technical expertise and proactive mindset, you'll analyze, develop, and automate security solutions, building scalable detection and remediation tools that safeguard our digital future. Join us and shape resilient, developer-friendly cloud and AI platforms that empower innovation with confidence.

Key Responsibilities:

Defining cloud and AI security architecture patterns and standards based on industry best practices. Collaborating with architects, developers, and security engineers to design and implement secure, code-driven controls across cloud and AI/ML systems. Driving security governance across multi-cloud and AI platforms with a strong focus on automation and engineering-led security practices. Leading efforts to identify vulnerabilities in application and infrastructure code, including misconfigurations, insecure patterns, and logic flaws. Building and enabling automated detection, threat hunting, and response capabilities through code and tooling. Supporting incident response efforts, including AI/ML-specific threats, while developing reusable automation for containment and remediation.

Other Key Responsibilities:

Cloud & AI Security Strategy & Architecture:

Lead the development of cloud and AI security architecture strategy with a strong emphasis on security engineering and automation-first design. Define and implement "Security as Code" practices, embedding controls into infrastructure (IaC), CI/CD pipelines, and MLOps workflows. Design solutions integrating frameworks (NIST, ISO, SABSA, NIST

AI RMF, OWASP

Top 10 for LLMs) into developer-friendly and code-enforced architectures. Partner closely with engineering teams to ensure security is embedded in code, pipelines, and runtime environments—not just policies. Act as a senior advisor on secure coding, secure architecture patterns, and AI security adoption.

Risk & Threat Management:

t Lead cloud and AI security assessments with a focus on code-level and architecture-level vulnerabilities. Establish threat modeling practices that include application logic, APIs, microservices, and ML models. Build and enhance threat detection and hunting capabilities using automation, scripting, and custom tooling. Integrate security telemetry into engineering-driven detection pipelines (SIEM, SOAR, custom scripts, APIs). Guide incident response with an emphasis on automated response playbooks and repeatable remediation workflows.

Secure Development, AI/ML Security & Data Protection:

Build and evolve SSDLC into a developer-centric, automation-driven Secure SDLC, including SAST, DAST, SCA, and IaC scanning. Extend practices into Secure ML Lifecycle (SMLC) with secure MLOps/LLMOps pipelines. Review and analyze application code, APIs, and infrastructure-as-code (Terraform, CloudFormation, etc.) for security flaws. Develop and maintain security automation scripts, tools, and integrations to improve detection, response, and compliance. Implement controls for LLM and AI systems, including prompt security, output validation, and data protection. Ensure secure handling of training data, pipelines, and model artifacts.

Technology Enablement & Vendor Management:

Evaluate and implement cloud and AI security tools with a focus on API-driven integration and extensibility. Lead development of custom security tooling and automation frameworks where off-the-shelf solutions fall short. Mentor teams on secure coding, automation, and building security into engineering workflows. Stay current with evolving threats in cloud, software supply chain, and AI ecosystems.

Education:

A bachelor's degree in Computer Science, Engineering, or a related technical field is required.

Experience:

15+ years of experience in Information Security, with a strong foundation in software engineering or development: Minimum 5 years in Security Architecture with hands-on engineering involvement. Strong background in software development, security engineering, or DevSecOps. Minimum 5 years in cloud environments (AWS, Azure, GCP). Proven experience building or contributing to security automation, tooling, or platforms. Demonstrated ability to read, understand, and review code for security vulnerabilities. Experience working closely with engineering teams in agile/DevOps environments. Strong leadership and communication skills.

Technical Expertise:

Deep understanding of cloud-native and AI security principles, including: Cloud Architecture & Networking. Identity & Access Management (IAM). CI/CD and DevSecOps pipelines. Infrastructure as Code (Terraform, CloudFormation, etc.). Secrets Management & Data Protection. Logging, Detection, and Incident Response. Container & Kubernetes Security.

Security Engineering & Coding Skills:

Strong proficiency in one or more programming/scripting languages (e.g., Python, Go, Java, JavaScript). Ability to analyze application code and APIs for vulnerabilities. Experience building automation for detection, response, and remediation. Hands-on experience with API integrations, event-driven architectures, and security tooling automation.

AI/ML Security:

Understanding of model security, adversarial ML, prompt injection, and data poisoning. Experience securing MLOps/LLMOps pipelines and AI-enabled applications.

Frameworks & Standards:

CIS Benchmarks, Cloud Security Alliance (CSA). NIST SP standards (800-144, 800-145, etc.). NIST AI Risk Management Framework (AI RMF). OWASP Top 10 for LLM Applications. Privacy and regulatory frameworks (GDPR, HIPAA, PCI-DSS, etc.). Certifications (Preferred, but strongly desired): Mandatory /

Strongly Preferred:

AWS Certification (minimum AWS Certified Cloud Practitioner) Advanced AWS certifications (Solutions Architect, Security Specialty) are highly preferred Alternative /

Supplemental:

Google Cloud certifications (e.g., Professional Cloud Security Engineer)

Security Certifications:

CISSP, CISM, GIAC, etc AI/ML Security Certifications (Nice to Have)

Job Type:

Contract Pay:

From $75.00 per hour

Benefits:

401(k) 401(k) matching Dental insurance Health insurance Vision insurance Application Question(s): Do you have hands-on experience reviewing application code and Infrastructure-as-Code for security vulnerabilities? Do you have experience building security automation for detection, response, and remediation using code or custom tooling? Do you have experience securing Kubernetes environments and container platforms? Do you have experience with AI/ML or LLM security, including prompt injection, model security, or secure MLOps/LLMOps? Which programming/scripting languages are you strongest in? Which certifications do you currently hold?

Experience:

Information security: 5 years (Required)

Security Architecture:

5 years (Required) hands-on AWS cloud security: 5 years (Required) DevSecOps / CI-CD security: 5 years (Required) Ability to

Commute:

Newport Beach, CA 92660 (Required) Ability to

Relocate:

Newport Beach, CA 92660: Relocate before starting work (Required)

Work Location:

In person