Principal Cybersecurity Architect – Generative AI Security

GE Vernova

Schenectady, New York(remote)

JOB DETAILS
SKILLS
Amazon Web Services (AWS), Application Programming Interface (API), Architectural Services, Artificial Intelligence (AI), Best Practices, Business Solutions, CCSP - Cisco Certified Security Professional, CISSP - Certified Information Systems Security Professional, Candidate Screening, Career Development, Cloud Computing, Computer Security, Conversation Engine, Cross-Functional, Data Management, Data Modeling, Distributed Computing, Ecosystems, GCP (Good Clinical Practices), Incident Response, Information/Data Security (InfoSec), Injections, Internet Security, Leadership, Legal, MCP - Microsoft Certified Professional, Memory Hardware, Mentoring, Microservices, Microsoft Windows Azure, Policy Development, Regulatory Requirements, Risk, Risk Analysis, Risk Management, Security Architecture, Software Administration, Software as a Service (SaaS), Standards Organizations, Systems Analysis, Team Lead/Manager, Technical Leadership, Threat Modeling, Threat and risk analysis (TRA), Use Cases
LOCATION
Schenectady, New York
POSTED
2 days ago

Job Description Summary

We are seeking a Principal Cybersecurity Architect – Generative AI Security to lead the design, governance, and secure adoption of Generative AI (GenAI) technologies across the enterprise.
This role will act as the primary security partner to the AI Foundry and AI platform teams, ensuring AI systems—including LLMs, agentic frameworks, and autonomous workflows—are designed with security, compliance, and resilience from the ground up.
The ideal candidate will define security strategy, establish enterprise controls, and create reusable patterns for GenAI solutions. You will operate at the intersection of AI innovation and cybersecurity—enabling rapid adoption of GenAI while managing emerging risks such as prompt injection, data leakage, model manipulation, and autonomous agent misuse.

Job Description

Key Responsibilities

GenAI Security Architecture & Strategy

  • Define and own the enterprise security architecture for Generative AI systems, including LLM-based applications, agentic AI, and AI platforms
  • Partner with the AI Foundry to design secure GenAI platforms, tools, and workflows
  • Establish architectural standards and guardrails for AI system design, deployment, and operation
  • Ensure alignment with enterprise cybersecurity policies, regulatory requirements, and risk frameworks

Secure-by-Design AI Systems

  • Embed secure-by-design principles into AI pipelines, including model access, data ingestion, inference, and output handling
  • Support Business Application Solutions Engagement (BASE) reviews and partner with the AI foundry to design secure GenAI systems.
  • Conduct architecture reviews to identify risks across AI systems, including data exposure, model misuse, and integration vulnerabilities
  • Publish Risk Assessment Reports that include threats and mitigating controls aligned to GEV policies and standards
  • Define required security controls across the AI lifecycle (training, fine-tuning, inference, and retrieval-augmented workflows)

AI Threat Modeling & Risk Management

  • Lead threat modeling and risk assessments for GenAI systems using frameworks such as:
    • OWASP Top 10 for LLM Applications
    • OWASP Top 10 for Agentic Applications
    • MITRE ATT&CK / ATLAS (for AI threats)
  • Identify threats including:
    • Prompt injection and indirect prompt manipulation
    • Model inversion and data exfiltration
    • Agent autonomy abuse and unsafe tool execution
  • Define mitigating controls and risk treatment strategies

Zero Trust for AI & Agent Security

  • Apply Zero Trust principles to AI systems, including:
    • Identity and authentication for AI agents and services
    • Least-privilege access to tools, APIs, and data sources
    • Continuous validation of agent actions and interactions
  • Define security models for agent-to-agent, agent-to-system, and agent-to-data interactions
  • Implement guardrails to constrain agent autonomy and enforce policy compliance

Model Context Protocol & AI Integration Security

  • Define secure patterns for Model Context Protocol (MCP) and agent orchestration frameworks
  • Ensure secure handling of context, memory, and tool invocation across AI workflows
  • Establish governance for data access and context injection into LLMs and agents
  • Evaluate and secure integrations with internal APIs, SaaS platforms, and data services

Reusable AI Security Patterns & Frameworks

  • Create and publish enterprise-approved GenAI security patterns and reference architectures
  • Standardize controls for common GenAI use cases (chatbots, copilots, autonomous agents, RAG systems)
  • Enable rapid adoption through reusable patterns that align to enterprise policies

Governance, Policy & Compliance

  • Establish enterprise policies, standards, and frameworks for AI security and governance
  • Ensure AI systems meet requirements for data privacy, compliance, and auditability
  • Partner with GRC, Legal, and Risk teams to define AI governance models
  • Develop controls for monitoring, logging, and incident response for AI systems

Technical Leadership & Enterprise Influence

  • Serve as the enterprise subject matter expert for GenAI security architecture
  • Influence AI strategy and adoption through security leadership
  • Mentor architects and engineers on AI security best practices
  • Represent the organization in AI security initiatives, vendor discussions, and standards bodies

Required Qualifications

  • 8+ years of cybersecurity experience with strong focus on application, cloud, or AI security architecture
  • Hands-on experience securing Generative AI / LLM-based systems
  • Knowledge of:
    • OWASP Top 10 for LLM Applications
    • OWASP Top 10 for Agentic Applications
  • Strong understanding of Zero Trust architecture, applied to AI and distributed systems
  • Experience with LiteLLM AI gateway and Prisma AIRS
  • Experience with AI/ML platforms and LLM ecosystems
  • Understanding of threat modeling frameworks (MITRE ATT&CK, ATLAS, OWASP)
  • Experience securing APIs, data pipelines, and microservices architectures
  • Strong ability to influence cross-functional teams and lead at an enterprise level

Preferred Qualifications

  • Experience working with AI Foundries or enterprise AI platforms
  • Familiarity with Model Context Protocol (MCP) and agent orchestration frameworks
  • Experience with cloud AI services (Azure OpenAI, AWS Bedrock, GCP Vertex AI, etc.)
  • Knowledge of RAG architectures, vector databases, and AI data security
  • Experience with identity solutions for non-human identities (agents, service principals)
  • Certifications such as:
    • CISSP, CCSP
    • AI/ML security or cloud security certifications

Additional Information

GE Vernova offers a great work environment, professional development, challenging careers, and competitive compensation. GE Vernova is an Equal Opportunity Employer. Employment decisions are made without regard to race, color, religion, national or ethnic origin, sex, sexual orientation, gender identity or expression, age, disability, protected veteran status or other characteristics protected by law.

GE Vernova will only employ those who are legally authorized to work in the United States for this opening. Any offer of employment is conditioned upon the successful completion of a drug screen (as applicable).

Relocation Assistance Provided: No

#LI-Remote - This is a remote position

Application Deadline:

 

 

For candidates applying to a U.S. based position, the pay range for this position is between $145,400.00 and $242,400.00. The Company pays a geographic differential of 110%, 120% or 130% of salary in certain areas. The specific pay offered may be influenced by a variety of factors, including the candidate’s experience, education, and skill set.

 

 

Bonus eligibility: discretionary annual bonus.

 

 

This posting is expected to remain open for at least seven days after it was posted on July 08, 2026.

 

 

Available benefits include medical, dental, vision, and prescription drug coverage; access to Health Coach from GE Vernova, a 24/7 nurse-based resource; and access to the Employee Assistance Program, providing 24/7 confidential assessment, counseling and referral services. Retirement benefits include the GE Vernova Retirement Savings Plan, a tax-advantaged 401(k) savings opportunity with company matching contributions and company retirement contributions, as well as access to Fidelity resources and financial planning consultants. Other benefits include tuition assistance, adoption assistance, paid parental leave, disability benefits, life insurance, 12 paid holidays, and permissive time off.

 

 

GE Vernova Inc. or its affiliates (collectively or individually, “GE Vernova”) sponsor certain employee benefit plans or programs GE Vernova reserves the right to terminate, amend, suspend, replace, or modify its benefit plans and programs at any time and for any reason, in its sole discretion. No individual has a vested right to any benefit under a GE Vernova welfare benefit plan or program. This document does not create a contract of employment with any individual.

About the Company

G

GE Vernova