IT Solutions Architect – AI

IT Solutions Architect - AI

Location: Chicago, IL

Employment Type: Contract 7+ Months

Work Model: Hybrid (Onsite Tuesday-Thursday, 8 AM - 5 PM CST)

Role Overview

Northern Trust is seeking a Senior AI Security Engineer to lead the design, assessment, and governance of security controls for enterprise AI and machine learning systems. This role blends cybersecurity architecture, IAM, and emerging AI/ML technologies, ensuring secure deployment of AI workloads—including large language models, agentic frameworks, and ML pipelines—within a regulated environment.

Key Responsibilities

• Architect and implement security frameworks for AI/ML platforms (model hosting, inference endpoints, training pipelines, agentic AI).
• Develop and enforce identity, authentication, and authorization (IAA/IAM) controls, ensuring least‑privilege access and secure token flows (OAuth 2.0, OBO, managed identities).
• Conduct threat modeling and risk assessments using OWASP AI Top 10, MITRE ATLAS, and NIST AI RMF.
• Harden AI supply chain components (model registries, MCP servers, API gateways, third‑party integrations).
• Define IAM policies and RBAC for AI environments across Azure, AWS, and GCP.
• Collaborate with data science, engineering, and compliance teams to embed security guardrails into the AI lifecycle.
• Author security documentation (architecture records, risk assessments, implementation guides).
• Monitor evolving AI threat vectors (prompt injection, tool poisoning, model manipulation, data exfiltration) and implement actionable controls.
• Present findings and recommendations to leadership and governance boards.
• Contribute to enterprise AI security standards and policies.

Required Qualifications

• 7+ years in cybersecurity, with 3+ years in security architecture/engineering.
• Strong knowledge of network, application, and data security; zero‑trust principles.
• Hands‑on IAM experience (Azure AD/Entra ID, Okta, Ping, AWS IAM).
• Expertise in authentication/authorization protocols (OAuth 2.0, OIDC, SAML, SCIM).
• 1-3 years of experience securing AI/ML systems (LLM deployments, agentic frameworks, ML pipelines).
• Familiarity with AI threat vectors (prompt injection, data poisoning, model inversion, plugin abuse).
• Exposure to AI governance frameworks (NIST AI RMF, EU AI Act, OWASP AI Top 10, MITRE ATLAS).
• Excellent communication skills; ability to translate technical risks into business language.

Preferred Qualifications

• Experience in financial services or regulated industries (SOX, GDPR, MiFID II).
• Hands‑on with Microsoft Azure/M365 security ecosystems (Entra ID, Copilot Studio, Defender for Cloud, Purview).
• Familiarity with API gateway security for AI services (Azure APIM, Kong, Cloudflare AI Gateway).
• Knowledge of secure MLOps pipeline design, container security, and model scanning.
• Certifications: CISSP, CCSP, CISM, Azure Security Engineer Associate, or AI‑specific credentials.
• Experience with Model Context Protocol (MCP) security controls.
• Contributions to security communities, mentoring, or publishing research.