Principal Security Architect Artificial Intelligence

Amgen

Lisbon, Portugal

What you will do

As a Principal Security Architect Artificial Intelligence, you’ll work at the intersection of science, data, and innovation. You’ll collaborate with world-class experts across domains to build high-impact digital solutions that accelerate research, streamline operations, and empower better patient outcomes.

You will lead the design and governance of secure Artificial Intelligence and Machine Learning (AI/ML) systems across our biotechnology ecosystem in Amgen. The Security Architect ensures that advanced AI technologies used in R&D, clinical development, and digital health are resilient, compliant, and ethically designed.

The Security Architect will collaborate with cross-functional teams — cybersecurity, bioinformatics, data science, regulatory affairs, and IT — to integrate security into the AI lifecycle. Responsibilities include establishing architectural standards, threat modeling, secure MLOps design, and regulatory alignment for AI systems critical to scientific innovation and patient outcomes.

Let’s do this. Let’s change the world.

In this vital role you will:

Design and enforce enterprise-level AI/ML security architectures for platforms used in drug discovery, genomics, clinical data analysis, and diagnostics.
Ensure security best practices are applied from data acquisition, model training, and validation to deployment, monitoring, and decommissioning.
Lead AI-specific threat modeling to address risks such as adversarial attacks, data poisoning, model inversion, and intellectual property leakage.
Ensure alignment with healthcare and biotech regulations (e.g., HIPAA, GDPR, 21 CFR Part 11, GxP) and contribute to AI governance and ethical risk frameworks.
Architect secure, scalable MLOps pipelines that enable model reproducibility, auditability, version control, and automated security validation.
Act as a trusted advisor to R&D, clinical, data science, and infrastructure teams, providing guidance on secure AI design and deployment.
Evaluate and integrate AI security tools and frameworks for monitoring, explainability, data privacy, and adversarial robustness.
Experience securing containers and orchestrators (Docker, Kubernetes) in AI environments, including runtime security and policy enforcement.
Conduct formal reviews of AI system designs, ensuring alignment with enterprise cybersecurity strategy, architectural standards, and zero-trust principles.
Proficiency in automating security through IaC tools like Terraform, AWS CloudFormation, and CI/CD integration (GitHub Actions, Jenkins, etc.).
Influence enterprise AI security strategy by tracking industry trends, emerging threats, and innovations in synthetic biology, generative models, and AI biosecurity.
Domestic and International travel up to 10%.

What we expect of you

We are all different, yet we all use our unique contributions to serve patients. The tech professional we seek is a creative problem-solver and a team player with these qualifications:

Bachelor’s or Master’s degree in Computer Science, Engineering, IT or a related field.
7+ years of experience in enterprise security architecture, including designing and implementing secure systems across large-scale, cloud-based environments.
Strong knowledge of cloud security, container security, identity and access management, zero trust principles, network security, and secure application design.
Knowledge and understanding of HIPAA, EU AI Act, GxP, GDPR, and other regulations impacting AI use and their application in enterprise environments.
Ability to design and enforce data protection strategies, including DLP, data classification, encryption, anonymization, and/or privacy-preserving technologies.
Familiarity with securing AI/ML systems, with a focus on risk management, governance, and integration into enterprise security posture.
Understanding of secure DevOps/MLOps principles and how they align with enterprise security standards.
Knowledge of threat modeling, risk assessments, and integration of threat intelligence into enterprise security strategies.
Relevant credentials such as CISSP, CCSP, CISM, or equivalent enterprise security certifications. AI-specific certifications are a plus but not required.
Ability to collaborate across security, legal, compliance, data science, and executive teams to influence AI risk evaluation and strategy.
Familiarity with AI-focused security and compliance standards and guidelines, such as OWASP Top 10 for LLMs and NIST AI Risk Management Framework.
Experience in implementing enterprise end-to-end AI pipelines in a cloud environment using Python, TensorFlow, and/or PyTorch is a plus.
Experience in implementing security for AI/ML or designing secure MLOps pipelines using tools such as MLflow, Kubeflow, SageMaker Pipelines, or Vertex AI Pipelines is a strong plus.
Fluency in English.