Job Title: Cloud & AI Security Architect
About the Role
We are seeking a highly experienced Cloud & AI Security Architect to provide enterprise-level security architecture leadership across Aviva’s cloud-based AI platforms, including AWS Bedrock, Azure AI Foundry, and emerging agentic AI services and workflows.
This role sits at the intersection of cloud security, AI engineering, and enterprise architecture, ensuring that AI-enabled capabilities are designed and delivered with security embedded from the outset.
You will be responsible for shaping and enforcing secure-by-design principles across AI platforms, integrations, and data-driven services—balancing strategic architecture leadership with hands-on technical assurance.
You will act as a key enabler for engineering teams, helping them move fast safely, while ensuring alignment with regulatory, risk, and enterprise security standards in a highly regulated environment.
Key Responsibilities
Security Architecture Leadership
* Own and define end-to-end security architecture strategy for cloud AI platforms and services, including AWS Bedrock, Azure AI Foundry, and agentic AI ecosystems.
* Establish and maintain security architecture patterns, reference models, and reusable controls for AI-enabled systems across the enterprise.
* Drive secure design principles across AI workloads, including model interaction, data pipelines, APIs, and multi-agent workflows.
Design & Assurance
* Define and govern High-Level Design (HLD) and Low-Level Design (LLD) security requirements across cloud and AI solutions.
* Conduct in-depth architecture reviews and design assurance, ensuring compliance with internal security standards and external regulatory obligations.
* Translate complex security requirements into practical engineering guidance that can be implemented by delivery teams.
Cloud & AI Security Engineering
* Provide hands-on architectural input across AWS and Azure environments, including:
* Identity and Access Management (IAM), federation, and least-privilege models
* Network segmentation, private connectivity, and zero trust principles
* Encryption strategies (at rest, in transit, and in-use where applicable)
* Secrets management and secure configuration practices
* Logging, monitoring, detection engineering, and auditability
* Secure CI/CD pipelines and DevSecOps automation
* Support secure integration of AI services with enterprise data platforms and APIs.
AI Security & Emerging Patterns
* Define and evolve secure AI architecture patterns, including:
* Prompt and response data protection
* Model access governance and usage controls
* Secure retrieval-augmented generation (RAG) architectures
* Agentic workflow security and inter-agent communication controls
* AI data leakage prevention and model boundary enforcement
* Assess and mitigate risks associated with LLM usage, autonomous agents, and AI-driven decisioning systems.
Risk, Threat Modelling & Governance
* Lead threat modelling exercises for cloud-native and AI-enabled systems.
* Conduct security risk assessments and contribute to architectural risk decisions.
* Partner with risk and compliance teams to ensure alignment with regulatory frameworks and internal control standards.
* Contribute to security governance frameworks for AI adoption across the enterprise.
Stakeholder Engagement & Advisory
* Act as a trusted security advisor to engineering, architecture, product, and governance teams.
* Influence senior stakeholders across technology and business functions to embed secure-by-design thinking.
* Support teams in adopting reusable security patterns and guardrails that enable safe scaling of AI capabilities.
Required Experience
* Proven track record as a Security Architect, Cloud Security Architect, or Enterprise Security Architect in large-scale, complex, and regulated environments (e.g., financial services, insurance, government, or similar).
* Deep experience in cloud security architecture across AWS and/or Azure, ideally both.
* Demonstrable experience securing cloud-native platforms and distributed systems at scale.
* Experience operating within governed enterprise environments with strong regulatory requirements.
Core Technical Skills
Cloud Security
* Strong expertise in:
* IAM, identity federation, SSO, and RBAC/ABAC models
* Network security architecture (VPC/VNet design, segmentation, private endpoints)
* Cryptography, key management systems (KMS/HSM), and certificate lifecycle management
* Secrets management solutions (e.g., AWS Secrets Manager, Azure Key Vault)
* Vulnerability management and security posture management tooling
* Security logging, SIEM integration, and detection engineering
* Secure DevOps / DevSecOps pipelines and automation frameworks
AI & Emerging Technologies
* Hands-on or architectural experience with:
* AWS Bedrock
* Azure AI Foundry
* Understanding of:
* Large Language Model (LLM) security considerations
* Agentic AI systems and orchestration frameworks
* AI data governance, privacy controls, and model interaction security
* Secure integration patterns for AI services within enterprise ecosystems
Architecture & Design
* Strong experience producing and reviewing:
* High-Level Design (HLD) documentation
* Low-Level Design (LLD) documentation
* Security architecture diagrams and reference architectures
* Ability to translate security principles into practical, implementable engineering designs
Soft Skills & Leadership
* Exceptional communication skills, with the ability to articulate complex security concepts to both technical and non-technical audiences.
* Strong influencing skills across engineering, architecture, product, and risk stakeholders.
* Ability to operate effectively in ambiguity, particularly in emerging AI and agentic technology domains.
* Pragmatic mindset: able to balance security rigor with delivery velocity.
* Strong collaborative approach, acting as a bridge between security, engineering, and business teams.
What Success Looks Like
* Security is embedded by default into AI and cloud platform design, not retrofitted.
* Reusable security patterns accelerate delivery of AI capabilities.
* Engineering teams can confidently build AI solutions with clear guardrails and guidance.
* Reduced security risk exposure across AI and cloud estates.
* Strong alignment between innovation in AI and enterprise risk appetite.