FICO
Website:
fico.com
Job details:
The Opportunity
"The role will define and drive the security architecture strategy for FICO's rapidly expanding AI ecosystem - from LLM-powered products and agentic AI systems to the data pipelines and analytical models that underpin our decisioning platform" - Hiring Manager
What You'll Contribute
- Define and maintain FICO's AI security reference architectures and design patterns spanning LLM integrations, RAG architectures, agentic AI systems, MCP server deployments, and ML training pipelines.
- ·Architect security controls across the AI model lifecycle - training data provenance, artifact signing, model registry governance, inference endpoint hardening, and runtime monitoring - ensuring FICO's analytical models are protected against data poisoning, model extraction, adversarial evasion, and prompt injection.
- Drive architectural decisions for AI security platform selection and integration (AI-SPM, LLM firewalls, MLSecOps tooling).
- Define the security strategy for FICO's AI consumption posture - centralized AI tool inventory, shadow AI detection, SaaS AI acceptable use enforcement, and developer workstation AI monitoring.
- Own FICO's enterprise data security strategy encompassing data classification, DSPM, DLP, sensitive data discovery, and data lineage across cloud, SaaS, and on-premises environments.
- Architect prompt-layer and AI-workflow data protection controls to prevent inadvertent leakage of sensitive data or proprietary model logic through AI tool interactions.
- Lead security architecture for data governance within the Analytical Model Life Cycle, ensuring data quality, sanitization, and provenance tracking are embedded as security gates.
- Serve as the trusted security advisor to product engineering, data science, and platform teams, translating complex AI and data security risks into business-consumable guidance for leadership and product management.
- ·Participate in product planning cycles and architecture review boards, ensuring "secure by design" and "privacy by design" principles are embedded from the earliest stages of AI feature development and data systems.
- ·Author and maintain AI-specific threat libraries aligned to MITRE ATLAS, OWASP LLM Top 10, and OWASP Agentic AI Top 10, and lead AI-specific threat modeling for FICO products.
- Set the direction for AI security standards, policies, and governance frameworks aligned to EU AI Act, NIST AI RMF, ISO 42001, and applicable regulations, in coordination with GRC and legal teams.
- Collaborate with Cyber Security Operations, Incident Response, and Security Engineering teams to ensure AI-specific detection use cases, logging standards, and response playbooks are operationally viable.
What We're Seeking
- A collaborative leader who raises the bar for the team and brings clarity in ambiguous, fast-moving situations.
- Deep architectural understanding of AI/ML security risks across the full lifecycle: training data integrity, model supply chain, inference security, prompt injection/jailbreaking, model extraction, adversarial attacks, and AI agent governance.
- Experience architecting security for LLM-based applications, RAG systems, agentic AI frameworks, and multi-model orchestration (e.g., MCP, tool-use patterns, AI gateways).
- A hands-on builder's mindset - strong software engineering skills in Python and/or Java, with a bias toward writing code, building tooling, and automating security controls rather than producing paper artifacts.
- Strong architectural experience with enterprise data security: DSPM, DLP, data classification, sensitive data discovery, encryption, key management, and data access governance.
- ·Extensive architectural understanding of cloud security, Kubernetes, cloud-native computing, and microservices.
- ·Experience at an architecture capacity within a complex, multi-product enterprise environment, with the ability to operate at both strategic and design levels.
- Knowledge of MLSecOps practices including ML pipeline security, model provenance and artifact signing, model registry governance, and automated AI security testing.
- ·Familiarity with AI security frameworks and taxonomies: MITRE ATLAS, OWASP LLM Top 10, NIST AI RMF, and ISO 42001.
- ·Experience with architecture and security reviews, threat modeling, and application risk assessments, with the capability of articulating complex architectural challenges in a consumable way for business leadership and product management.
- Strong knowledge of privacy laws and regulations such as GDPR, CCPA, DPDP Act (India), and financial regulations including PCI DSS. Familiarity with ISO 27001, NIST CSF, and emerging AI governance regulations.
Our Offer to You
- An inclusive culture strongly reflecting our core values: Act Like an Owner, Delight Our Customers and Earn the Respect of Others.
- The opportunity to make an impact and develop professionally by leveraging your unique strengths and participating in valuable learning experiences.
- Highly competitive compensation, benefits and rewards programs that encourage you to bring your best every day and be recognized for doing so.
- An engaging, people-first work environment offering work/life balance, employee resource groups, and social events to promote interaction and camaraderie.
Click on Apply to know more.