Director - Security Architecture - AI Technologies
Bethesda, USA
Job description
JOB SUMMARY
The Security Architect for AI Technologies will be responsible for designing, implementing, and maintaining robust security architectures and security guardrails to protect our AI assets and data. This is a pivotal role in shaping our security strategies, addressing complex security challenges, and ensuring compliance with industry standards and regulations. The ideal candidate will possess extensive experience in security architecture with a strong focus on AI and Generative AI technologies. Along with a deep understanding machine learning models, neural networks, and data privacy issues, this role will leverage strong analytical and problem-solving skills with the ability to interpret complex data and articulate findings to diverse stakeholders.
CANDIDATE PROFILE
Required Education and Experience
· Bachelor’s degree in computer science, engineering or equivalent experience/certification.
· 8+ years of progressive information technology/information security engineering and/or security experience including:
· 2+ years’ experience in the development, testing, and research of AI/ML systems.
· 2+ years’ experience in machine learning models, neural networks, and managing data privacy concerns.
· 2+ years’ experience with security tools and frameworks related to AI, such as secure ML pipelines and AI specific threat detection.
· 2+ years’ experience with scalable MLOps practices for deploying, monitoring, and maintaining large-scale language models in production environments.
· 2+ years as a team lead or direct management of resources (either employee or service provider)
Preferred:
· Master’s degree in computer science, Software Engineering or related field or equivalent experience/certification.
· Current information security certification: CISSP, CISM, CISA
· Certification in AI or ML such as CAIE or CAIS.
· Familiarity with security standards and regulatory requirements related to AI and data protection.
· Knowledge of AI/ML frameworks and platforms (e.g., TensorFlow, PyTorch, GPT models).
· Comprehensive knowledge of risk management frameworks including FAIR, NIST RMF, MITRE TARA, and OCTAVE.
· Demonstratable working knowledge of SAFe practices, principles, and roles.
· Experience with JIRA and ServiceNow.
· Technical leadership experience in a highly regulated environment.
· Proficiency in formal methods and model-based systems engineering for AI/ML validation and verification.
· Project management skills with a demonstrated ability to work independently and with others.
CORE WORK ACTIVITIES
Security Architecture AI Technologies
· Security Architecture Design: Develop and implement comprehensive security architectures for AI and Generative AI systems, including secure data handling, access controls, and threat mitigation strategies.
· Risk Assessment and Management: Conduct security reviews specific to AI technologies and Integration. Identify vulnerabilities and develop strategies to address potential threats to AI systems.
· Defines strategy and roadmap, provides guidance, creates standards and guidelines, and reviews architectural designs. Ensures standards and guidelines incorporate legal and regulatory requirements.
· Design and enforce security policies and procedures tailored for AI and Generative AI applications. Ensure the secure deployment, operation, and maintenance of AI systems.
· Develop and test incident response plans to address potential breaches or security events.
· Provide subject matter expertise on frameworks and best practices for implementing trustworthy AI systems.
· Work closely with cross functional teams, including data scientists, software engineers, and IT operations, to integrate security best practices into AI development and deployment processes.
· Stay informed about the latest trends, vulnerabilities, and advancements in AI and Generative AI. Educate and train team members on security best practices and emerging threats.
· Evaluate and recommend improvements to existing security measures and tools. Implement new technologies and methodologies to enhance the security posture of AI systems.
· Conduct assessments of threats and vulnerabilities, determine deviations from acceptable configurations or enterprise or local policy, assess the level of risk, and develop and/or recommend appropriate mitigation countermeasures.
· Assess and prioritize security risks associated with applications and develop risk mitigation strategies.
· Maintain effective communication with all stakeholders, providing regular updates on risk status, project progress, and compliance through concise reports and presentations.
· Ability to articulate complex security concepts to both technical and non-technical stakeholders.
· Works with the Security Architect Analysts to monitor ongoing project activities, intake of new projects and monitoring of the Security Engagement Process including but not limited to: Data Classification, Security Controls, Threat Models, Architecture Review Boards, Authority to Operate.
· Collaborate with cross-functional teams, including cybersecurity architects and senior technical leaders, to align security strategies with organizational risk tolerance and innovation goals.
· Conducts security and privacy technology research, assessments, and integration processes; provides and supports a prototype capability and/or evaluates its utility.
· Consults with customers to gather and evaluate functional requirements and provides security and privacy requirements, guidelines, and standards.
· Develop and implement comprehensive risk mitigation strategies for applications, staying ahead of emerging threats and advising on proactive security measures.
· Provides sound advice and recommendations to leadership and staff on a variety of relevant topics within the pertinent subject domain.
· Coordinate program-related activities and deliverables to ensure effective collaboration within the team and across stakeholder groups.
· Provide strategic leadership and senior management for the organization’s Cybersecurity risk oversight initiatives
· Provide subject matter expertise in cybersecurity, to include maintaining and sharing knowledge of current and emerging cyber risk management practices and tools.
· Advocate policy changes and makes a case on behalf of the company via a wide range of written and oral work products.
Managing Work, Projects, and Policies
· Coordinates and implements work and projects as assigned.
· Generates and provides accurate and timely results in the form of reports, presentations, etc.
· Analyzes information and evaluates results to choose the best solution and solve problems.
· Develops specific goals and plans to prioritize, organize, and accomplish work.
· Sets and tracks goal progress for self and others.
· Monitors the work of others to ensure it is completed on time and meets expectations.
· Provides direction and assistance to other organizational units’ policies and procedures, and efficient control and utilization of resources.
Leading Team
· Creates a team environment that encourages accountability, high standards, and innovation.
· Leads specific team while assisting with meeting or exceeding department goals.
· Makes sure others understand performance expectations.
· Ensures that goals are being translated to the team as they relate to tracking and productivity.
· Creates and nurtures an environment that emphasizes motivation, empowerment, teamwork, continuous improvement and a passion for providing service.
· Understands employee and develops plans to address need areas and expand on the strengths.
· Provides the team with the capabilities needed to meet or exceed expectations.
· Leads by example demonstrating self-confidence, energy and enthusiasm.
Conducting Human Resources Activities
· Acts proactively when dealing with employee concerns.
· Extends professionalism and courtesy to employees at all times.
· Communicates/updates all goals and results with employees.
· Meets semiannually with staff on a one-to-one basis.
· Establishes and maintains open, collaborative relationships with employees.
· Solicits employee feedback.
· Interviews job candidates and assists in making hiring decisions.
· Receives hiring recommendations from team supervisors.
· Ensures orientations for new team members are thorough and completed in a timely fashion.
· Observes behaviors of employees and provides feedback to individuals.
Additional Responsibilities
· Provides information to supervisors, co-workers, and subordinates by telephone, in written form, e-mail, or in person in a timely manner.
· Manages group or interpersonal conflict.
· Informs and/or updates executives, peers, and subordinates on relevant information in a timely manner.
· Manages time effectively and conducts activities in an organized manner.
· Presents ideas, expectations and information in a concise, organized manner.
· Uses problem solving methodology for decision making and follow up.
· Performs other reasonable duties as assigned by manager
The salary range for this position is $161,900 to $196,900 annually. In addition to the annual salary, the position will be eligible to receive an annual bonus and restricted stock units/stock grants.
Washington Applicants Only: Employees will accrue 0.04616 PTO balance for every hour worked and eligible to receive minimum of 7 holidays annually.
All locations offer coverage for medical, dental, vision, health care flexible spending account, dependent care flexible spending account, life insurance, disability insurance, accident insurance, adoption expense reimbursements, paid parental leave, educational assistance, 401(k) plan, stock purchase plan, discounts at Marriott properties, commuter benefits, employee assistance plan, and childcare discounts. Benefits are subject to terms and conditions, which may include rules regarding eligibility, enrollment, waiting period, contribution, benefit limits, election changes, benefit exclusions, and others.
Marriott HQ is committed to a hybrid work environment that enables associates to Be connected. Headquarters-based positions are considered hybrid, for candidates within a commuting distance to Bethesda, MD; candidates outside of commuting distance to Bethesda, MD will be considered for Remote positions.
The application deadline for this position is 28 days after the date of this posting, October 24, 2024.
Marriott International is an equal opportunity employer. We believe in hiring a diverse workforce and sustaining an inclusive, people-first culture. We are committed to non-discrimination on any protected basis, such as disability and veteran status, or any other basis covered under applicable law.
Marriott International is the world’s largest hotel company, with more brands, more hotels and more opportunities for associates to grow and succeed. Be where you can do your best work, begin your purpose, belong to an amazing global team, and become the best version of you.