Senior Enterprise Security Architect

Xerox is seeking a Senior Enterprise Security Architect to lead security architecture reviews and provide secure-by-design guidance across enterprise initiatives, with a strong preference for experience (or strong aptitude) in AI/GenAI solution security. This role partners closely with engineering, product, legal, privacy, and risk stakeholders to assess solution architectures, identify and quantify risk, and drive practical remediation plans that enable delivery.

You will be expected to operate as an independent reviewer and trusted advisor-able to quickly understand complex architectures, identify security gaps, and define clear, actionable requirements that align to enterprise standards.

Key Responsibilities

• Lead security architecture engagements for enterprise initiatives, including AI-enabled applications, cloud platforms, SaaS integrations, and data-driven systems.

• Evaluate solution designs for security risks across:

• Identity and access models (SSO, RBAC/ABAC, service principals, OAuth, API keys)

• Application and API security patterns

• Cloud security architecture (Azure preferred)

• Data protection (classification, encryption, retention, DLP patterns)

• Logging/monitoring and operational readiness

• Network and integration security (connectors, segmentation, egress control)

Perform threat modeling and data-flow analysis; document findings, recommended mitigations, and residual risk.

Partner with delivery teams to embed security requirements into implementation plans and ensure closure of findings.

Support third-party solution evaluations by reviewing vendor security posture, architecture, and data handling practices in partnership with risk and procurement stakeholders.

Contribute to reusable security architecture patterns, standards, and reference designs to reduce friction and improve consistency.

Provide mentorship and technical guidance to engineers and architects on secure design and implementation.

AI / GenAI Security Focus (Preferred)

• Review and secure patterns for RAG, embeddings/vector databases, document ingestion, and retrieval authorization.
• Evaluate controls for prompt injection, data leakage, jailbreak attempts, model misuse, and unsafe tool/action chaining.
• Assess AI data handling: training/fine-tuning boundaries, prompt/response retention, privacy constraints, and output filtering/guardrails.
• Validate AI solution observability: audit logging of user requests, retrieval events, model calls, and administrative actions., * Independently lead multiple concurrent architecture reviews and deliver consistent, high-quality findings and requirements.
• Improve review throughput by applying repeatable patterns and clear "definition of done" security outcomes.
• Establish trusted partnerships with engineering teams by providing practical, implementable guidance. Contribute at least 2-3 reusable security architecture patterns (especially for AI integrations and data handling).

• 7+ years in security architecture, security engineering, enterprise architecture, or comparable experience.

• Demonstrated breadth across enterprise security domains, including:

• IAM (SSO/OIDC/SAML, RBAC, privileged access concepts)

• Application security and secure SDLC practices

• Cloud security fundamentals (Azure strongly preferred)

• Data security (encryption, key management, classification, retention)

• Logging/monitoring and incident-ready telemetry

Strong ability to create and interpret architecture diagrams and data flows.

Proven experience communicating security risk and recommendations clearly to both technical teams and leadership.

Experience driving remediation plans to closure in partnership with engineering and product teams., * Direct experience assessing or building AI/ML/GenAI solutions (Azure OpenAI, AI platforms, copilots/agents, model hosting, AI SaaS).

• Familiarity with enterprise risk workflows (risk registers, third-party risk, audits).
• Experience with DevSecOps/IaC security and cloud governance controls.
• Certifications welcomed (not required): CISSP, CCSP, SABSA, Azure Security, GIAC.

Key Competencies

• Strong systems thinking and ability to reason across complex enterprise environments.
• Risk-based decision-making (pragmatic, business-enabling security).
• Comfortable operating with ambiguity and quickly learning new technologies.
• Excellent written communication (findings, requirements, and executive-ready summaries).
• High integrity, strong judgment, and collaborative stakeholder management.

For more than 100 years, Xerox has continually redefined the workplace experience. Harnessing our leadership position in office and production print technology, we've expanded into software and services to sustainably power the hybrid workplace of today and tomorrow. Today, Xerox is continuing its legacy of innovation to deliver client-centric and digitally-driven technology solutions and meet the needs of today's global, distributed workforce. From the office to industrial environments, our differentiated business and technology offerings and financial services are essential workplace technology solutions that drive success for our clients. At Xerox, we make work, work. Learn more about us at www.xerox.com.