Enterprise Cybersecurity AI Architect

**Enterprise Cybersecurity AI Architect** **Job Description** **Schedule:** M-F **Location:** Atlanta or Birmingham **Position Summary:** Southern Company is seeking a highly skilled and visionary AI Security Architect to lead the secure design and governance of AI technologies across the enterprise. The candidate will directly support the company's efforts to mitigate real and potential cyber threats to the company's facilities, personnel, technology, operations, and brand - including critical electric and gas utility infrastructure and its privately owned telecommunications network. This role will serve as the technical authority on AI cybersecurity, responsible for protecting internally developed AI applications, securing models and data pipelines, and implementing guardrails around AI agents deployed by various teams. This position is responsible for ensuring the confidentiality, integrity, and availability of the company's information assets. This will be accomplished by: + Establishing and implementing an information security framework and technical architecture. + Designing, developing, and implementing information security solutions. + Establish and maintain security guardrails to support the safe implementation of AI and automation. + Providing Cybersecurity expertise and consulting. The architect will also drive the deployment of AI-powered cybersecurity tools to enhance team efficiency and resilience. This role requires deep expertise in AI systems, adversarial threat modeling, and enterprise-grade security architecture. Qualified candidates need to be able to align strategy and execution to increase cybersecurity maturity, anticipate future requirements for complex traditional, hybrid, and multi-cloud environments, drive initiatives via influence and relationships into business processes, keep up with current security trends, be focused on results, and be a self-starter. **Job Responsibilities:** + Collaborate with cross-functional teams to integrate security best practices into AI development and deployment processes. + Develop and enforce guardrails for AI agents used across departments, ensuring safe, compliant, and ethical use. + Design and implement security architecture for AI platforms, models, and applications, including LLMs, agentic workflows, and custom AI tools. + Lead threat modeling and risk assessments for AI systems in alignment with frameworks such as NIST. + Architect secure deployment environments for AI agents, including sandboxing, access control, and runtime isolation. + Implement defenses against common attack methods to models and data protection, such as data exfiltration, information disclosure, hallucinations, model poisoning, and excessive overreliance. + Establish responsible AI frameworks for fairness, bias detection, and explainability. + Deploy AI agents to automate and enhance cybersecurity operations (e.g., incident response, threat detection, vulnerability management). + Collaborate with the Cybersecurity Architecture Manager to integrate AI into enterprise security strategy. + Partner with data science, DevSecOps, and application teams to embed security into AI development pipelines. + Monitor and respond to security incidents related to AI systems. + Conduct regular security assessments and audits to identify vulnerabilities and implement corrective actions. + Plan, coordinate, and lead Cybersecurity projects. + Help internal customers understand and apply Cybersecurity concepts, processes, and technologies. + Maintain current knowledge of Cybersecurity concepts, technologies, and practices. + Mentor others to strengthen Cybersecurity principles and best practices to outside operational areas. + Establish and maintain excellent working relationships and partnerships across the Technology Organization, business partners, and external vendors and suppliers. + Create an environment that fosters accountability, innovation, and engagement at all levels. **Requirements and qualifications:** **Minimum** + Deep understanding of AI and machine learning concepts, algorithms, and frameworks, AI model architectures, and training pipelines. Including LLM concepts, content safety, and data validation. + Strong analytical and problem-solving skills, an understanding of ethical and regulatory requirements related to AI security, and a continuous learning mindset. + Ability to lead cross-functional technical teams and influence enterprise-wide decisions. + Strong knowledge of cloud platforms (Azure, AWS, GCP) and containerized environments. + Hands-on experience with Azure Databricks and Azure AI Services + Familiarity with securing LLMs, generative models, and agentic workflows. + Hands-on experience designing, architecting, and implementing various information security tools/products such as PKI, Static or Dynamic Code Analysis, Next-Generation Firewalls, HSM's, SIEM, Multi-Factor Authentication, IPS, Database Encryption, Privileged Identity Management, Cloud Posture Management, etc. + Competency in APIs (Rest, Graph) and/or JavaScript/JSON/Kubernetes/SQL. + Experience promoting security as a business enablement function using influence, metrics, documentation, strong verbal communication, and presentation skills. + Working knowledge of cloud and traditional security network architectures. + Ability to lead a project from concept through implementation and anticipate potential problems. + Experience prioritizing and executing with minimal direction or oversight. + Ability to perform detailed information security risk assessments and recommend mitigating controls. + Must pass NERC CIP & Insider Threat Protection background checks. **Preferred Qualifications** + Experience with tools like Sonatype, Wiz, Proofpoint DSPM, and AI security platforms. + Knowledge of MCP protection strategies and AI governance frameworks. + Hands-on experience with secure CI/CD pipelines, API security, and data privacy controls. + Experience with software development and programing. + Familiarity with ethical AI principles and emerging regulatory landscapes. + Experience with adversarial ML, red teaming, and AI-specific threat modeling. + Technical knowledge of application development practices, CI/CD pipelines, various cloud platforms including Azure, AWS, or GCP, modern operating systems, networking protocols and designs, and identity management. + Azure certifications preferred. + Industry certifications such as: CISSP, CCSP, CASA, CEH, OSCP, CRISC, CCNP, etc. + At least 5 years of experience playing a key role in building technical programs. + Experience with information security frameworks such as: NIST, OWASP, etc. + Familiarity with nation state, sophisticated criminal, and supply chain threats. + Up-to-date knowledge of current hacking techniques, vulnerability disclosures, and data breach incidents. Experience with cybersecurity analysis and analytic tradecraft. **About Southern Company** Southern Company (NYSE: SO ) is a leading energy provider serving 9 million customers across the Southeast and beyond through its family of companies. Providing clean, safe, reliable and affordable energy with excellent service is our mission. The company has electric operating companies in three states, natural gas distribution companies in four states, a competitive generation company, a leading distributed energy solutions provider with national capabilities, a fiber optics network and telecommunications services. Through an industry-leading commitment to innovation, resilience and sustainability, we are taking action to meet customers' and communities' needs while advancing our goal of net-zero greenhouse gas emissions by 2050. Our uncompromising values ensure we put the needs of those we serve at the center of everything we do and are the key to our sustained success. We are transforming energy into economic, environmental and social progress for tomorrow. Our corporate culture has been recognized by a variety of organizations, earning the company awards and recognitions that reflect Our Values and dedication to service. To learn more, visit . Southern Company invests in the well-being of its employees and their families through a comprehensive total rewards strategy that includes competitive base salary, annual incentive awards for eligible employees and health, welfare and retirement benefits designed to support physical, financial, and emotional/social well-being. This position may also be eligible for additional compensation, such as an incentive program, with the amount of any bonus/awards subject to the terms and conditions of the applicable incentive plan(s). A summary of the benefits offered for this position can be found here . Additional and specific details about total compensation and benefits will also be provided during the hiring process. Southern Company is an equal opportunity employer where an applicant's qualifications are considered without regard to race, color, religion, sex, national origin, age, disability, veteran status, genetic information, sexual orientation, gender identity or expression, or any other basis prohibited by law. Job Identification: 15521 Job Category: Cybersecurity Job Schedule: Full time Company: Southern Company Services