AI Security Architect- ARC, Apple Information Security

We are seeking an AI Security Architect with deep expertise across security architecture, AI/ML systems, and threat modeling to join the Apple Information Security (AIS) Assurance ARC team. You will own security guidance for the most critical, high-risk AI initiatives across Apple, shaping architecture patterns, conducting design reviews, selecting or building security solutions for AI-driven environments, and translating expert decisions into AI-powered guidance that scales across the entire organization. Your work will directly determine how safely and confidently Apple adopts AI at scale.\\n\\n\\nOur scope spans across Apple's products, services, and operations, where the adoption of AI is accelerating at an unprecedented pace. The Assurance ARC organization is entrusted with providing expert security architecture guidance for these AI systems, and your contributions will directly impact our ability to protect against evolving AI-specific threats while enabling the business to innovate securely at scale.\\n

In this high-impact role, you will bridge the gap between traditional security practices and emerging AI risks. Operating under Zero Trust principles and Secure by Default framework, you will partner with engineering, data science, product, and compliance teams to build \"paved roads\" - pre-approved, reusable, secure-by-default patterns that enable teams to build AI-driven systems without a bespoke review for every project. you will amplify the effectiveness of the entire security function, by reducing inbound request volume through proactive foundational work and providing developers, ML engineers, and traditional security architects with clear guidance and standardized controls, \n\nLeveraging deep AI/ML knowledge, you will evaluate risks such as data poisoning, model manipulation, and prompt injection, while simultaneously applying AI to security workflows to automate threat modeling, design reviews, and control validation. The third dimension of this role beyond prevention and response, is scale: applying AI-driven tooling to extend the team's reach far beyond what headcount alone can achieve. This is a highly strategic and technical role that bridges AI innovation with security, enabling Apple to adopt AI confidently and at pace.\nAs part of the Advisory Arm, you will also contribute directly to the Self-Service Enablement Platform, codifying decisions, patterns, and trade-offs from your reviews into AI-powered guidance accessible to teams without direct advisory engagement. Additionally, by working on Apple's most cutting-edge AI projects, you will serve as an intelligence sensor for the broader ARC team: identifying emerging AI/ML technologies and architectural patterns that should become future foundational focus areas, ensuring the organization stays ahead of the threat landscape.\n

BS in Computer Science, Computer Engineering, or Information Security, or 6+ years of equivalent, hands-on security experience in large enterprise environments a plus.\nStrong background in security architecture, application security, or cloud security\nDemonstrated understanding of AI/ML concepts, pipelines, and risks (e.g., data poisoning, prompt injection, model inversion, model theft)\nExperience with threat modeling methodologies (e.g., STRIDE) and secure design principles\nFamiliarity with AI regulatory frameworks such as the EU AI Act, NIST AI RMF, ISO/IEC 42001, or comparable standards\nAbility to communicate security concepts clearly to both technical and non-technical stakeholders\nProven ability to partner with engineering, data science, and product teams to drive adoption of security requirements\nExperience applying AI/LLMs for security automation (e.g., risk analysis, automated threat modeling, compliance validation)\nProficiency in at least one scripting or programming language (e.g., Python, Swift, Java)

Experience performing full-stack security architecture reviews encompassing cloud-native and emerging AI/ML technologies\nExperience designing security patterns for LLM-based systems, RAG pipelines, or agentic architectures\nFamiliarity with Zero Trust architecture principles and Secure by Default design\nExperience with data protection, encryption architecture, and key management in AI/ML contexts\nStrong verbal and written communication skills, with the ability to build consensus across diverse teams\nA real passion for staying ahead of emerging AI security risks and translating that knowledge into actionable guidance\nDeeply accountable for your work; upbeat, adaptable, and results-oriented