Principal Cybersecurity Architect Identity & Access Management for AI Systems
GE Vernova
Cybersecurity-Architecture
Identity-And-Access-Management
AI-Security-Architecture
Enterprise-Security
Cloud-Security-Architecture
Principal-AI-Security-Architect
Principal-Identity-And-Access-Management-Engineer
Senior-Identity-&-Access-Management-Architect
Apply on Himalayas →
You'll be redirected to the original listing.
Description
Job Description Summary
We are seeking a Principal Cybersecurity Architect to serve as a technical leader on identity and access management (IAM) for AI systems, large language models (LLMs), and autonomous AI agents. This is a position reserved for seasoned technical leaders who operate at the intersection of deep architecture expertise, enterprise-wide influence, and forward-looking security vision.As a Principal Architect, you will not simply implement solutions — you will define the strategy, set the standards, and shape the future of how AI systems are secured across our enterprise. You will drive alignment across engineering, platform, and business teams, and your architectural decisions will have lasting impact.
You will serve as a key technical partner to our AI Foundry, embedding security-by-design principles into AI platforms and agent frameworks from inception. You will own the identity lifecycle for AI agents — from onboarding and certification through recertification and decommissioning — ensuring every AI entity operating in our environment is accountable, traceable, and governed under the principle of least privilege.
Principal Architects at our organization are recognized technical leaders. You will be expected to drive clarity in ambiguous problem spaces, influence without authority across organizational boundaries, mentor the next generation of security architects, and represent our security posture in executive and cross-functional forums. If you are energized by solving security challenges that have no playbook yet — and by building the playbook yourself — this role is for you.
Job Description
Key Responsibilities
Technical Leadership & Strategy
- Enterprise Vision: Act as the primary authority on AI identity security, providing guidance to executive leadership and engineering teams.
- Cross-Functional Alignment: Drive strategy across cybersecurity, cloud platforms, GRC, legal, and business units.
- Thought Leadership: Represent the organization in external forums, industry working groups, and vendor discussions regarding AI security standards.
- Architecture Ownership: Define the long-term IAM architecture for AI systems and agents in cloud and hybrid environments, establishing reusable patterns and reference designs.
AI Agent Lifecycle & Governance
- Identity Management: Oversee the full lifecycle for AI agents, from initial onboarding and cryptographic identity assignment to decommissioning.
- Accountability: Maintain an unbroken chain of human ownership and traceability for all autonomous agents.
- Access Control: Architect and enforce the Principle of Least Privilege (PoLP), Just-in Time (JIT), and Just-Enough-Access (JEA) patterns for AI workloads.
- Compliance: Partner with GRC and privacy teams to ensure AI agent governance meets rigorous regulatory requirements.
Required Qualifications
- Experience: 12+ years in cybersecurity, with a heavy emphasis on IAM.
- Senior Leadership: 7+ years in Principal/Senior Architect roles for large-scale enterprise or cloud-native environments.
- Cloud Expertise: Expert-level knowledge of AWS IAM (roles, policies, SCPs, federation) and AWS Identity Center.
- AI Security: Proficiency with AWS Bedrock Identity/AgentCore and similar frameworks.
- Conceptual Depth: Expert understanding of Zero Trust architecture and its application to AI/agentic workloads.
- Communication: Exceptional ability to distill complex technical risks for executive stakeholders.
Preferred Qualifications
- Multicloud: Experience with Microsoft Azure IAM (Entra ID, Managed Identities, Azure AI). • Governance Tools: Familiarity with IGA technologies (e.g., Saviyant) and NHI (Non Human Identity) governance.
- Agentic Security: Knowledge of LLM-specific threats (OWASP LLM Top 10) and prompt injection mitigation.
- Frameworks: Understanding of SPIFFE/SPIRE for workload identity. • Certifications: AWS Certified Security – Specialty, CISSP, CISM, or CCSP.
The First 12 Months: Measuring Success
- 30 Days: Establish core partnerships with AI Foundry and engineering leads.
- 60 Days: Complete an authoritative assessment of the current AI IAM risk posture.
- 90 Days: Publish the AI agent identity lifecycle framework and enterprise standards.
- 8–12 Months: Scale governance, implement recurring recertification campaigns, and integrate full IAM controls into the AI Foundry delivery pipeline.
Additional Information
GE Vernova offers a great work environment, professional development, challenging careers, and competitive compensation. GE Vernova is an Equal Opportunity Employer. Employment decisions are made without regard to race, color, religion, national or ethnic origin, sex, sexual orientation, gender identity or expression, age, disability, protected veteran status or other characteristics protected by law.
GE Vernova will only employ those who are legally authorized to work in the United States for this opening. Any offer of employment is conditioned upon the successful completion of a drug screen (as applicable).
Relocation Assistance Provided: No
Originally posted on Himalayas