Solution & AI Security Architect

Solution & AI Security Architect

Kapital Bank
  • Şəhər

    Bakı, PBT2 (Port Baku Tower 2),

  • Kateqoriya

    Texnologiya

  • Maaş

    Razılaşma ilə

  • Yerləşmə tarixi

    03 iyul 2026

  • Bitmə tarixi

    03 avqust 2026

We are looking for a Solution & AI Security Architect to define and drive the security architecture of modern cloud-native applications and AI platforms. In this role, you will design secure-by-default solutions, establish AI security standards, lead architecture reviews, and ensure the protection of software, Kubernetes environments, and AI/ML workloads throughout their lifecycle. You will work closely with engineering, DevSecOps, and SOC teams to build resilient, scalable, and compliant AI-powered solutions.

+ ' ' +
  • Knowledge in solution security architecture with threat modeling (STRIDE, attack trees) and OWASP ASVS/Top 10
  • Deep software security: API security, OAuth2/OIDC/JWT, mTLS and service mesh (Istio/Linkerd), microservices, and secure coding/dependency knowledge
  • Knowledge on Kubernetes security across managed and self-managed clusters: policy-as-code (OPA/Gatekeeper, Kyverno), network policy, runtime security (Falco/eBPF), and image/supply-chain integrity (SBOM, Sigstore/cosign, SLSA)
  • Modern DevSecOps: CI/CD pipeline security, IaC (Terraform), GitOps, and secrets management
  • AI Gateway and AI Workbench security architecture: classification-aware routing, layered guardrails, virtual keys, prompt-injection/jailbreak defense, RAG isolation, and agentic/MCP controls, with LLM observability (OpenTelemetry/Langfuse)
  • Understanding of SOC operating model and detection lifecycle sufficient to translate AI/security architecture risks into logs, alerts, SIEM/SOAR use cases, incident response playbooks, and threat-hunting requirements.
  • AI/ML and MLOps security: model threats and MITRE ATLAS, OWASP LLM Top 10, NIST AI RMF, ISO/IEC 42001, EU AI Act
  • Coding and pipeline literacy sufficient to review designs and engage engineers credibly
+ ' ' +
  • Opportunity to learn through working
  • Familiarity with a real banking environment
  • Gaining practical knowledge and experience
  • Development of communication and customer service skills
  • Improving teamwork abilities
  • Support from a professional mentor
  • Chance to build a future career at Bir Ecosysem
+ ' ' +
  • Own solution and software security architecture — secure-design reference patterns, security-by-design blueprints, and reference threat models that support product security.
  • Own secure software and integration design: API and service-to-service security, authentication/authorization (OAuth2/OIDC), mTLS/service-mesh patterns, session and secrets handling, and secure SDK/dependency-supply-chain patterns
  • Provide architecture-stage security design review and sign-off for new solutions and major changes
  • Own Kubernetes and workload security architecture for EKS and on-prem clusters (hardening/CIS, admission and policy-as-code with OPA/Gatekeeper/Kyverno, network policy, pod security, runtime)
  • Own the AI Gateway security architecture as single enforcement point: deny-by-default, classification-driven model routing, virtual keys/RBAC-ABAC, layered guardrails, prompt-injection/jailbreak defense, output validation, and no-silent-downgrade
  • Own the AI Workbench, RAG, and agentic security architecture: RAG source-ACL preservation and tenant isolation, indirect-injection scanning, and agent permission envelopes with human-in-the-loop and MCP/A2A controls
  • Own AI/ML lifecycle and MLOps security (Model Registry, artifact integrity, deployment gates, serving hardening) and model security (adversarial, poisoning, extraction, inversion)
  • Define security monitoring, logging, and detection requirements for AI platforms and workloads from a SOC perspective, including AI Gateway events, prompt/response abuse indicators, anomalous agent activity, data-exfiltration signals, and policy bypass attempts.
  • Define security baselines and kill-switch/rollback strategies for autonomous AI agents
  • Apply AI risk and governance at architecture design level (NIST AI RMF, ISO/IEC 42001, MITRE ATLAS, OWASP LLM Top 10)
  • Recommend solution and AI security patterns and replacements, and represent them in the Architecture CoE

Kapital Bank iş mühiti, əlavə fürsətlər və digər vakansiyaları görüntüləmək üçün Kapital Bank Life səhifəsinə keçid edin.

Vakansiyalardan daha tez xəbərdar olmaq üçün Telegram kanalımıza abunə olun!

Oxşar vakansiyalardan bildiriş al

Solution & AI Security Architect vakansiyaları olduğu zaman anında bildirişi e-poçtunuza alın.

Oxşar vakansiyalar

Ən son vakansiyalar - İş elanları 2025

Daha çox