Senior Principal Architect, Cyber Security – AI at NielsenIQ — NeverHard
Senior Principal Architect, Cyber Security – AI at NielsenIQ in Toronto, Ontario. Skills: AI, Cloud Security, Cyber Security, Leadership, Risk Assessment. Apply on NeverHard.
Company
NielsenIQ
Location
Toronto, Ontario
Type
full_time
Required skills:
AI
Cloud Security
Cyber Security
Leadership
Risk Assessment
Threat Modeling
architecture reviews
identity and access management
network security
Senior Principal Architect, Cyber Security – AI
Reporting to the Director of Cyber Security Architecture, the Senior Principal Cyber Security Architect – AI will act as the lead security architecture advisor for AI‑related initiatives across the organisation.
Responsibilities
Provide senior security architecture leadership for AI initiatives, ensuring AI systems and services are secure by design and aligned with enterprise cyber security strategy, risk appetite, and regulatory expectations.
Define and maintain AI security principles, standards, guardrails, reference architectures, design patterns, and production readiness criteria across the AI lifecycle.
Advise on secure architecture for AI platforms, MLOps pipelines, data pipelines, model registries, vector databases, RAG solutions, prompt orchestration layers, APIs, AI agents, and cloud‑based AI services.
Design and support implementation of security controls across identity and access management, privileged access, secrets management, encryption, key management, network security, secure APIs, logging, monitoring, resilience, and incident response.
Conduct AI‑focused risk assessments, threat modelling, architecture reviews, and control gap assessments for new and existing AI use cases.
Identify and support mitigation of AI‑specific risks, including data leakage, prompt injection, model extraction, model inversion, training data poisoning, insecure output handling, excessive agency, insecure RAG implementations, supply chain compromise, and unauthorised access.
Partner with engineering, data science, platform, and security teams to embed security into AI development, MLOps, CI/CD pipelines, deployment workflows, and operational monitoring.
Advise on secure handling of training, validation, test, and production data, including data minimisation, anonymisation, access control, retention, lineage, provenance, and protection of confidential or regulated information.
Assess security risks associated with third‑party AI platforms, foundation models, SaaS AI tools, APIs, open‑source models, datasets, plugins, extensions, and model marketplaces.
Define security requirements for AI vendor due diligence, procurement, onboarding, contractual review, and ongoing supplier assurance.
Work with security operations and incident response teams to define AI‑specific logging, monitoring, detection, investigation, and response requirements.
Monitor AI security developments, emerging threats, attack techniques, industry standards, and regulatory expectations, translating them into practical internal controls and guidance.
Promote AI security awareness across engineering, production, data science, business, and technology teams through guidance, workshops, reusable patterns, and stakeholder engagement.
Support the Director of Cyber Security Architecture with AI security strategy, governance, reporting, and other duties as required.
Qualifications
Significant experience in cyber security architecture, application security, cloud security, platform security, data security, or technology risk.
Practical understanding of AI, machine learning, generative AI, large language models, MLOps, cloud AI services, and AI‑enabled application architectures.
Experience designing, reviewing, or implementing security controls for complex technology environments.
Experience conducting risk assessments, threat modelling, security architecture reviews, and control gap assessments.
Understanding of AI‑specific threats, including prompt injection, data leakage, data poisoning, model extraction, model inversion, insecure output handling, supply chain compromise, and misuse of AI agents.
Knowledge of secure software development, DevSecOps, CI/CD pipelines, APIs, identity and access management, encryption, logging, monitoring, and vulnerability management.
Experience working with cloud platforms and modern data architectures.
Ability to translate complex technical risks into clear business language for senior stakeholders.
Strong communication, documentation, stakeholder management, and influencing skills.
Preferred experience with AI/ML engineering teams, data science teams, AI platform teams, or product teams delivering AI‑enabled services.
Experience with MLOps platforms, model registries, feature stores, vector databases, RAG architectures, prompt orchestration frameworks, or AI agent frameworks.
Experience with AI, GenAI, or LLM security testing, red teaming, or adversarial testing.
Familiarity with relevant AI security and governance frameworks such as NIST AI RMF, OWASP Top 10 for LLM Applications, MITRE ATLAS, ISO/IEC 42001, ISO 27001, NCSC/CISA secure AI guidance, CSA AI Controls Matrix, and applicable AI or privacy regulations.
Experience assessing third‑party AI services, SaaS AI tools, open‑source models, foundation model providers, or cloud AI platforms.
Experience creating security standards, control frameworks, technical patterns, policies, or governance processes.
Experience in a regulated industry such as financial services, healthcare, telecommunications, energy, defence, or critical infrastructure would be advantageous.
Key Skills and Competencies
Strong cyber security architecture and risk management capability.
Practical understanding of AI security risks and secure AI lifecycle practices.
Ability to design pragmatic security controls that enable innovation while managing risk.
Strong analytical, problem‑solving, communication, and stakeholder management skills.
Ability to work across technical, risk, compliance, legal, privacy, and business teams.
Ability to influence senior stakeholders and delivery teams without direct authority.
Comfortable working with ambiguity, emerging technology, and fast‑moving delivery environments.
Strong documentation, standards development, and policy‑writing capability.
Measures of Success
AI security architecture, standards, and control framework defined, adopted, and continuously improved.
Security requirements embedded into AI delivery, governance, and production readiness processes.
AI use cases assessed consistently before deployment.
High‑risk AI security findings identified, tracked, and reduced.
Improved visibility of AI assets, vendors, models, data flows, and production deployments.
Reusable AI security patterns and guardrails adopted by engineering, AI, and platform teams.
Improved AI security awareness across relevant business and technology teams.
Alignment demonstrated with internal policies, external standards, and regulatory expectations.
Benefits
Pay Range – CAD 129,600 to 180,000 / annually
Flexible working environment
Volunteer time off
#J-18808-Ljbffr