Randstad, as the talent acquisition partner, is responsible for finding and contracting talent for this contingent role at Aviva. If you are selected for a role you will be engaged or employed by one of the Randstad recruitment companies and will not be an employee of Aviva.

Aviva

Cloud & AI Security Architect

Opportunity ref number: 444
Location
London
Hours per week
40 hrs/week
Contract type
Contingent opportunity
Payrate range
As per job description

Cloud & AI Security Architect

About the Role

We are seeking a hands-on Cloud & AI Security Architect with proven enterprise experience securing and delivering AI systems built on AWS Bedrock and/or Azure AI Foundry.

This is a delivery-focused architecture role. Candidates must have directly worked on production GenAI systems, not just designed or advised on them.

You will define and implement security architecture for AI-enabled cloud platforms, ensuring secure-by-design implementation across LLM, RAG, and agent-based systems in a regulated enterprise environment.

Required Experience (must-have)

Candidates must demonstrate:

  • Hands-on delivery of production AI systems using AWS Bedrock and/or Azure AI Foundry

  • Direct experience securing LLM-based applications in enterprise environments

  • Experience building or securing RAG pipelines, AI APIs, or agentic workflows

  • Implementation of security controls (not just design or governance)

  • Experience operating in regulated enterprise environments

Key Responsibilities

AI Security Architecture

  • Design and implement security for GenAI systems using AWS and Azure AI platforms

  • Secure LLM applications, including prompt flows, RAG pipelines, and agent workflows

  • Define and enforce model access controls, data boundaries, and interaction security

Cloud Security Engineering

  • Implement security architecture across AWS and Azure environments

  • IAM, federation, least privilege, and identity governance

  • Network security (zero trust, segmentation, private endpoints)

  • Encryption, key management, and secrets handling

  • Secure CI/CD and DevSecOps integration

AI Risk & Threat Management

  • Threat model AI systems (LLMs, agents, orchestration layers)

  • Identify and mitigate risks such as prompt injection, data leakage, and model abuse

  • Define guardrails for safe enterprise AI adoption

Architecture Assurance

  • Review HLDs and LLDs for cloud and AI systems

  • Ensure alignment with enterprise security and regulatory requirements

  • Translate security requirements into implementable engineering controls

Required Skills

Cloud Security

  • IAM, SSO, RBAC/ABAC models

  • Cloud network security (VPC/VNet, segmentation, private connectivity)

  • KMS/HSM, encryption, and secrets management

  • SIEM integration and security monitoring

  • DevSecOps / CI-CD security controls

AI Security (hands-on required)

  • Securing LLM applications in production

  • RAG architecture security

  • Agentic AI workflow security

  • Prompt injection and LLM abuse mitigation

  • AI data governance and access control

Architecture & Delivery

  • Proven ability to design and implement HLD/LLD in production environments

  • Experience producing reusable security architecture patterns

  • Ability to work directly with engineering teams to implement controls

  • Strong understanding of balancing delivery speed with security requirements

Success Criteria

  • AI systems on AWS Bedrock / Azure AI Foundry are secure by design

  • Security patterns are reusable and adopted by engineering teams

  • AI features can be delivered quickly without introducing unmanaged risk

  • Clear alignment between AI innovation and enterprise security requirements


Similar opportunities

Solution Architects - Future Opportunities
Bristol - 35 hrs/week
+ Search all opportunities