Artificial Intelligence (AI) Security Architect

Location:

The Artificial Intelligence (AI) Security Architect is responsible for securing and governing the enterprise's use of Agentic AI, Generative AI (GenAI), and Large Language Models (LLM) systems. The architect ensures that AI solutions adhere to enterprise security architecture principles, regulatory obligations, and Model Risk Management requirements while enabling safe innovation across business lines. The role brings deep security expertise together with applied AI security, threat modeling, data-protection strategy, and enterprise architecture alignment.

Primary Responsibilities

1. Architecture & Design

• Develop and maintain enterprise-grade security architecture patterns for Agentic AI, GenAI and LLMs, systems, aligned with approved Information Security and Enterprise Architecture platforms and principles.

• Incorporate security requirements across reference models, solution architectures, and system designs supporting AI use cases-including model integration, retrieval-augmented generation (RAG), autonomous agent workflows, and sensitive data pathways.

• Ensure AI architectures support traceability, auditability, regulatory alignment, and controlled autonomy of AI agents.

• Review and guide secure integration patterns for in-house developed AI, third-party AI platforms, external APIs, vendor-hosted and internally hosted LLMs, and cloud-based AI services.

2. Security Risk, Controls & Governance

• Lead security assessment and modeling of AI solutions under the enterprise AI Program governed by the AI Engineering, Enterprise Architecture and Model Risk teams.

• Partner with Enterprise Security Services, Model Risk, Legal, Compliance, Operational Risk, Procurement, and Third-Party Management to assess risks of proposed AI use cases, new vendors, and data flows.

• Define and enforce security controls for model access, identity, authentication, encryption, and secure storage/retention of training and inference data.

• Evaluate model-specific threats including data leakage, model poisoning, prompt-injection, insecure agent autonomy, and unintended model behaviors.

• Continuously monitor the evolving threat landscape and integrate emerging trends into architecture decisions, security controls, and program strategy.

3. Cross-Enterprise Enablement

• Serve as the primary liaison between Enterprise Architecture, Information Security, Lines of Business, and Shared Services for all AI initiatives.

• Translate regulatory, environmental, and technology constraints into secure model design patterns and operational controls.

• Advise senior leadership, including Information Security management and CISO stakeholders, on AI security risks, technology decisions, and emerging threats.

• Contribute to the Security Domain Architecture team and broader strategic AI architecture discussions.

4. Threat Modeling & Defensive Engineering

• Partner with Security Architecture teammates on enterprise threat modeling in in conjunction with other Cybersecurity teams for AI pipelines, agent interactions, embeddings, RAG systems, and autonomous workflow orchestration.

• Evaluate cyber defense and vulnerability assessment implications for AI-powered applications, ensuring resilience against adversarial AI techniques.

• Drive design of countermeasures in alignment with industry frameworks (e.g MITRE ATLAS) to mitigate identified AI-related risks.

Required Knowledge & Skills

• Deep understanding of authentication, authorization, identity systems, and access-control mechanisms applicable to AI systems.

• Strong background in cloud, network, and application security controls relevant to model hosting, AI APIs, and high-scale inference workloads.

• Experience in cryptography, encryption key management, and secure data-handling practices for training, fine-tuning, embedding generation, and inference logs.

• Familiarity with enterprise information security architecture frameworks and service-management methodologies.

• Understanding of regulatory, compliance, and model-risk considerations for AI systems in a financial-services context.

• Ability to communicate complex security and AI concepts to technical and non-technical stakeholders with clarity.

• Maintain ongoing expertise in emerging cyber risks and AI-driven threat vectors through continuous research, industry engagement, and hands-on evaluation of new technologies.

Preferred Experience

• Designing or securing LLM-based solutions (RAG, prompt engineering, agent orchestration, vector databases).

• Experience with enterprise-scale AI security platforms and AI-specific threat-mitigation tools.

• Prior architecture experience in highly regulated industries (financial services, banking, or similar).

Education & Certification

• Bachelor's in information security, Computer Science, Engineering, or a related field or equivalent work experience.

• Relevant certifications (e.g., CISSP, CCSP, AWS/Azure/GCP security, AI-related credentials) are preferred.

COMPENSATION AND BENEFITS

This position is eligible to earn a base salary in the range of $96,000.00 - $181,000.00 annually. Placement within the pay range may differ based upon various factors, including but not limited to skills, experience and geographic location. Compensation for this role also includes eligibility for incentive compensation which may include production, commission, and/or discretionary incentives.

Please click here ( for a list of benefits for which this position is eligible.

Key has implemented an approach to employee workspaces which prioritizes in-office presence, while providing flexible options in circumstances where roles can be performed effectively in a mobile environment.

Job Posting Expiration Date: 03/27/2026

KeyCorp is an Equal Opportunity Employer committed to sustaining an inclusive culture. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, age, genetic information, pregnancy, disability, veteran status or any other characteristic protected by law.

Qualified individuals with disabilities or disabled veterans who are unable or limited in their ability to apply on this site may request reasonable accommodations by emailing [email protected].

#LI-Hybrid

KeyBank is an organization collectively committed to helping you unlock your potential and discover what truly drives you. Working here means sharing our purpose to help our clients, colleagues, and communities thrive. You'll find genuinely supportive teammates, a flexible, inclusive work environment, challenging projects, accessible leaders, and opportunities to grow in your position and your career. For 200 years, Key has opened doors in our communities. Let us open one for you.