Job Description

Do you know askblue?

We were born in 2013, and we provide services in the field of information technology.

We are looking for AI Security Architect to join our company, in one of our projects in Lisbon, in hybrd regime

Tasks:

• Support and review AI/GenAI use cases from design through production;
• Define security requirements for AI platforms, APIs, agents, tool use, and integrations;
• Perform architecture reviews, threat modelling, and security reviews of AI solutions;
• Validate integrations and deployments against security, privacy, logging, and auditability requirements;

Identify and mitigate risks such as:

• Prompt injection / jailbreaks;
• Sensitive information disclosure / data leakage;
• Unsafe tool use / excessive agency;
• Abusive or unbounded consumption;
• Insecure integrations or poisoned inputs;
• Define guardrails for data usage, especially for sensitive, personal, confidential, or regulated data;
• Ensure secure logging, monitoring, audit trails, and evidence of control effectiveness;
• Contribute to AI security governance, standards, and secure-by-design patterns.

Requirements:

• Background in cybersecurity, ideally application security, product security, cloud security, or security architecture;
• Understanding of GenAI / LLM-based solutions from a security and risk perspective;
• Experience with security reviews, architecture reviews, threat modelling, and defining technical controls;
• Experience with IAM, API security, secrets management, logging, monitoring, and control validation;
• Knowledge of data protection, privacy, data minimization, and secure handling of sensitive or regulated data;
• Ability to challenge technical implementations and validate that controls are effectively applied;
• (Preferred) Familiarity with AWS and/or Azure environments in the context of AI workload security;
• (Preferred) Exposure to AWS Bedrock, Azure OpenAI / Azure AI Foundry, or similar GenAI platforms, especially around:
• • Guardrails and content controls;
  • IAM and least privilege;
  • Logging, observability, and auditability;
  • Data protection and sensitive data handling;
  • Familiarity with Databricks as a platform to review from a security perspective, including: Access control and data permissions, Workspaces, jobs, pipelines, and notebooks, Secrets, networking, and data governance.

Familiarity with:

• OWASP Top 10 for LLM Applications / Agentic AI;
• SAIF (Secure AI Framework);
• Model Context Protocol (MCP) and agent-to-tool security considerations;
• Agent-to-Agent (A2A) architectures and agentic trust boundaries;
• Emerging risk taxonomies such as MCP-38;
• Exposure to DevSecOps and/or MLOps as a collaboration context.

Core Skills:

• Can translate AI security risks into clear technical requirements;
• Strong risk identification, prioritisation, and decision-making;
• Able to challenge and validate implementations effectively;
• Works well with security, product, engineering, and data teams;
• Focused on practical, enforceable, and auditable controls.

Important Note:

This is a cybersecurity role applied to AI/GenAI. It is not primarily a model development, data engineering, or operational ownership role for pipelines, notebooks, or ML platforms.

Work Arrangement:

• Hybrid (On-Site 2x per week)

Offer:

• Health Insurance;
• 3 and a half days of leave per year + 22 vacation days;
• Unlimited access to Udemy.

If you are interested in the opportunity, upload your C.V.

askblue – where business meets technology