Define and steward State Street’s enterprise AI security architecture, including secure-by-default patterns for AI platforms, GenAI tooling, AI agents, and data pipelines
Establish architecture standards, guardrails, and reference designs for AI systems across cloud and on-prem environments
Embed security, privacy, and compliance requirements directly into AI and software engineering lifecycle processes
Partner with Enterprise Architecture and Engineering to ensure AI security scales across product teams with minimal friction
Establish and mature AI threat modeling practices, aligned to real-world attacker behavior and regulatory scrutiny
Lead identification and mitigation of AI‑specific risks including model abuse, data poisoning, OSS corruption, prompt injection, model inversion, and emerging adversarial AI threats
Drive defensible architecture decisions supported by measurable risk reduction and operational outcomes
Integrate AI security into DevSecOps pipelines, automating preventative, detective, and responsive controls
Enable secure AI adoption through paved-road platforms, automation, and architectural simplification
Partner with engineering teams to accelerate AI reviews and approvals through tooling and policy-as-code approaches
Lead security architecture for emerging AI capabilities, including AI agents, automation frameworks, and developer assist tooling
Collaborate with crypto and platform teams on post‑quantum readiness considerations as they relate to AI systems and long-lived data
Ensure architecture standards align with and support regulatory expectations (FFIEC, NIST, ISO, NYDFS, GDPR, etc.)

Requirements

Bachelor’s degree in Computer Science, Information Security, Engineering, or related field
Advanced degree preferred
Relevant certifications (CISSP, CISM, cloud security, architecture, or AI-related certifications) desired
15+ years of experience in security engineering, product security, or architecture roles
Demonstrated leadership designing and scaling secure cloud-native architectures in large, regulated environments
Proven experience embedding security into DevSecOps and software engineering workflows
Hands-on experience securing AI/ML and GenAI systems, including governance, data protection, and model risk
Strong background in regulatory audits, control remediation, and executive-level risk communication
Experience leading global, multidisciplinary security or engineering teams.

Benefits

retirement savings plan (401K) with company match
insurance coverage including basic life, medical, dental, vision, long-term disability, and other optional additional coverages
paid-time off including vacation, sick leave, short term disability, and family care responsibilities
access to our Employee Assistance Program
incentive compensation including eligibility for annual performance-based awards (excluding certain sales roles subject to sales incentive plans)
eligibility for certain tax advantaged savings plans

Applicant Tracking System Keywords

Tip: use these terms in your resume and cover letter to boost ATS matches.

Hard Skills & Tools

AI security architecturesecure-by-default patternsAI platformsGenAI toolingdata pipelinesDevSecOpsthreat modelingrisk mitigationcloud-native architecturesAI/ML security

Soft Skills

leadershipcollaborationcommunicationproblem-solvingstrategic thinkingrisk managementteam managementpolicy developmentstakeholder engagementprocess improvement

Certifications

CISSPCISMcloud security certificationarchitecture certificationAI-related certification