Role Summary
Associate Director of Information Security (Cloud and Emerging Technology) to lead security strategy for advanced technologies, oversee a small security team, and advise IT and business units. Responsible for developing, implementing, and enforcing security frameworks and guardrails for cloud environments (primarily AWS), AI/ML platforms, Large Language Models, and DevSecOps practices. Ensures regulatory compliance and alignment with organizational risk appetite.
Responsibilities
- Lead, mentor, and manage a small team of security professionals, fostering collaboration, innovation, and continuous improvement.
- Develop, implement, and maintain a comprehensive security roadmap for all cloud platforms and emerging technologies.
- Design and implement secure architectures and controls within multi-cloud environments (AWS and Azure).
- Design and implement enterprise-level AI security guardrails for LLMs, MCP/A2A's, agentic workflows, and internal AI tools and integrations.
- Partner with Data Science teams to validate AI opportunities and design secure end-to-end AI delivery pipelines.
- Refine/evolve processes for AI model usage approvals, risk assessments, and supply chain security for AI components (models, datasets, embeddings, APIs).
- Configure SIEM rules and observability tools to detect anomalous LLM behavior, unauthorized data access, and guardrail breaches in real time.
- Lead the integration of security tools and practices into the CI/CD pipeline (DevSecOps).
- Work with Legal, Compliance and AI Governance teams to align guardrails with evolving regulations and pharma guidelines.
- Monitor industry trends, threat intelligence, and regulatory developments impacting new technologies.
- Mentor and guide security analysts on complex technical issues.
Qualifications
- Required: BS/BA in Computer Science, Information Technology, or another related field.
- Required: Minimum 10 years' experience in IT or Information Security with at least 6 years in Security Architecture/Engineering and a minimum of 2+ years focused specifically on AI/ML Security, MLOps Security, and GenAI guardrails.
- Required: Expertise in AI security concepts: prompt injection, model exploitation, adversarial attacks, prompt-based exfiltration, data leakage risks, and agent misbehavior.
- Required: Proven experience evaluating and securing AI/ML systems, including generative AI and LLM deployments in enterprise environments.
- Required: Experience developing and implementing AI governance frameworks.
- Required: Deep hands-on experience in AWS Cloud Security.
- Required: Solid background in cybersecurity engineering: IAM, network security, DLP, encryption, monitoring, incident response and threat modelling.
- Required: Knowledge of security regulations and best practices such as SOX, HIPAA, CIS, ISO/IEC 42001, EU AI Act, etc.
- Preferred: Relevant professional certifications (CISM, CISSP, CCSP or cloud-specific certifications).
Education
- BS/BA in Computer Science, Information Technology, or another related field.
Additional Requirements
- Ability to work a weekly hybrid office schedule in our Waltham office.