Principal Security Solutions Architect, AI-Driven Guidance, Well-Architected Solutions Innovation

Do you want to set the standard for how builders architect AI workloads that are secure reliable and efficient on AWS with security as the foundation We are looking for a Principal Security Solutions Architect with deep expertise in Machine Learning Generative AI and Agentic AI to own and drive the strategic vision for Security-focused Architectural Guidance Best Practices across AI workloads. You will operate at the intersection of AI technologies cloud architecture and security engineering ensuring AI workloads achieve Well-Architected outcomes across all six pillars Operational Excellence Security Reliability Performance Efficiency Cost Optimization and Sustainability with depth in the Security pillar. You will influence both internal AWS teams and the broader builder community.
In this role you will define the long-term technical direction for AI security architectural guidance translate emerging AI/ML security patterns into prescriptive and actionable best practices grounded in the Well-Architected pillars and influence AWS service design to better serve AI builders who need to secure their workloads across the full AI lifecycle.


Key job responsibilities
- Set Strategic Technical Direction for AI Security: Define and own the long-term vision and roadmap for AI/ML security architectural guidance aligned to the AWS Well-Architected Guidance pillars with deep focus on the Security pillar including identity access control data protection data residency and sovereignty threat detection and incident response for AI workloads.
- AI Security & Generative AI Thought Leadership: Serve as the organizations principal technical authority on securing AI architectures covering model security data pipeline protection prompt injection mitigation model poisoning prevention inference endpoint hardening and secure agentic workflows. Provide guidance on security considerations for foundation models RAG pipelines fine-tuning multi-agent orchestration and responsible AI practices. Drive consensus on complex ambiguous security decisions in AI systems.
- Raise the Bar Across the Organization: Establish security standards review mechanisms and architectural guardrails that elevate the entire guidance portfolio. Define what great looks like for AI security guidance and hold the team accountable.
- Influence Service Roadmaps: Partner with Stakeholders and Engineers across AWS service teams (Amazon Bedrock SageMaker Q AWS Security services etc.) to represent the customer voice on AI security validate architectural recommendations and influence product direction based on security patterns observed in production AI workloads.
- Executive Customer Engagement: Engage directly with strategic enterprise customers to validate security guidance through real-world implementations identify emerging AI security challenges and translate insights into scalable best practices.
- Drive Innovation in Content Delivery: Own the strategy for automation tooling and pipelines (including Generative AIassisted authoring) that accelerate the creation review and publication of AI security guidance at scale. Define mechanisms that ensure guidance remains current as the AI threat landscape evolves rapidly.
- External Thought Leadership: Publish whitepapers blog posts and reference architectures; present at AWS events (re:Invent Summits webinars) and industry security conferences to establish AWS as a leading authority on securing Well-Architected AI workloads.
- Mentorship & Organizational Impact: Mentor senior architects on AI security best practices drive hiring bar-raising and build a community of practice that scales AI security architectural expertise across the organization. Contribute to organizational strategy and workforce planning.
- Mechanisms & Operational Excellence: Design and implement repeatable mechanisms (e.g. security review processes threat modeling for AI workloads guidance lifecycle management feedback loops) that ensure sustained quality and relevance at scale.
- Hands-On Technical Validation: Validate security architectural recommendations through prototyping proof-of-concept implementations threat modeling exercises and code samples that demonstrate secure AI patterns.

About the team
Diverse Experiences AWS values diverse experiences. Even if you do not meet all of the qualifications and skills listed in the job description we encourage candidates to apply. If your career is just starting hasnt followed a traditional path or includes alternative experiences dont let it stop you from applying. Why AWS Amazon Web Services (AWS) is the worlds most comprehensive and broadly adopted cloud platform. We pioneered cloud computing and never stopped innovating thats why customers from the most successful startups to Global 500 companies trust our robust suite of products and services to power their businesses. Inclusive Team Culture Here at AWS its in our nature to learn and be curious. Our employee-led affinity groups foster a culture of inclusion that empower us to be proud of our differences. Ongoing events and learning experiences including our Conversations on Race and Ethnicity (CORE) and AmazeCon (diversity) conferences inspire us to never stop embracing our uniqueness. Mentorship & Career Growth Were continuously raising our performance bar as we strive to become Earths Best Employer. Thats why youll find endless knowledge-sharing mentorship and other career-advancing resources here to help you develop into a better-rounded professional. Work/Life Balance We value work-life harmony. Achieving success at work should never come at the expense of sacrifices at home which is why flexible work hours and arrangements are part of our culture. When we feel supported in the workplace and at home theres nothing we cant achieve in the cloud.

- Bachelors degree or above in Computer Science Computer Engineering Cybersecurity or other related discipline
- 10 years of experience in solutions architecture security architecture or a senior technical role with increasing scope and impact
- 7 years of hands-on experience in cloud security application security or infrastructure security
- Deep understanding of the end-to-end ML lifecycle from a security perspective: secure data preparation model integrity supply chain security deployment hardening monitoring and governance
- Demonstrated expertise in security domains: identity and access management encryption network security threat modeling vulnerability management and compliance
- Demonstrated ability to influence technical direction across organizational boundaries without direct authority
- Experience with AWS security and AI/ML services (IAM KMS GuardDuty Security Hub Bedrock SageMaker etc.)
- Exceptional written and verbal communication skills with a track record of publishing authoritative technical content (whitepapers guidance documents reference architectures) for executive and technical audiences
- Proven ability to work with cross-functional senior leadership to define and implement security architectural standards at organizational scale.

- Deep expertise in securing Generative AI architectures: model access controls data leakage prevention prompt injection defenses RAG pipeline security vector database access patterns and secure fine-tuning workflows
- Hands-on experience securing Agentic AI patterns: permission boundaries for autonomous agents secure tool-use architectures least-privilege orchestration audit trails and human-in-the-loop approval gates
- Expert-level knowledge of AWS security and AI/ML services: AWS IAM KMS CloudTrail GuardDuty Security Hub Macie Amazon Bedrock Guardrails Amazon SageMaker (with VPC encryption role-based access) and related services
- Experience defining or contributing to the AWS Well-Architected Guidance (Security pillar) or similar enterprise-scale security review guidance
- Recognized thought leader with a strong publication record and conference speaking history (re:Invent AWS Summits industry security/architecture conferences or equivalent)
- Experience with Infrastructure as Code (CDK CloudFormation Terraform) and CI/CD practices for secure ML pipelines (MLSecOps)
- Deep knowledge of responsible AI practices: fairness explainability safety guardrails governance standards and regulatory compliance (SOC 2 ISO 27001 NIST AI RMF EU AI Act)
- AWS certifications (Solutions Architect Professional Security Specialty Generative AI or equivalent)
- Demonstrated experience mentoring senior engineers on security practices and contributing to organizational hiring and talent development strategy

Amazon is an equal opportunity employer and does not discriminate on the basis of protected veteran status disability or other legally protected status.

Los Angeles County applicants: Job duties for this position include: work safely and cooperatively with other employees supervisors and staff; adhere to standards of excellence despite stressful conditions; communicate effectively and respectfully with employees supervisors and staff to ensure exceptional customer service; and follow all federal state and local laws and Company policies. Criminal history may have a direct adverse and negative relationship with some of the material job duties of this position. These include the duties and responsibilities listed above as well as the abilities to adhere to company policies exercise sound judgment effectively manage stress and work safely and respectfully with others exhibit trustworthiness and professionalism and safeguard business operations and the Companys reputation. Pursuant to the Los Angeles County Fair Chance Ordinance we will consider for employment qualified applicants with arrest and conviction records.

Our inclusive culture empowers Amazonians to deliver the best results for our customers. If you have a disability and need a workplace accommodation or adjustment during the application and hiring process including support for the interview or onboarding process please visit for more information. If the country/region youre applying in isnt listed please contact your Recruiting Partner.

The base salary range for this position is listed below. Your Amazon package will include sign-on payments and restricted stock units (RSUs). Final compensation will be determined based on factors including experience qualifications and location. Amazon also offers comprehensive benefits including health insurance (medical dental vision prescription Basic Life & AD&D insurance and option for Supplemental life plans EAP Mental Health Support Medical Advice Line Flexible Spending Accounts Adoption and Surrogacy Reimbursement coverage) 401(k) matching paid time off and parental leave. Learn more about our benefits at CA Irvine - 182800.00 - 247300.00 USD annually
USA TX Dallas - 182800.00 - 247300.00 USD annually
USA WA Bellevue - 182800.00 - 247300.00 USD annually