Senior Lead AI Security Architect
***This role is based at one of our corporate offices in Memphis, TN, McLean, VA, or Dallas, TX***
This is your chance to be a part of an in-house Technology team that's creating consumer-facing, cutting-edge technologies revolutionizing the hospitality industry around the world! As a Senior Lead AI Security Architect, you will bring your technical skills to a hospitality company with an award-winning culture. On the Customer Platform Security team reporting to the Senior Director Cyber Security Architecture, you will lead security architecture for AI agents, Agentic AI and Generative AI solutions across global customer-facing, partner and enterprise initiatives.
HOW WE WILL SUPPORT YOU
Hilton is proud to support the mental and physical wellbeing of all Team Members so they can Thrive personally and professionally in a diverse and inclusive environment, thanks to programs and benefits such as:
- Go Hilton travel program: 110 nights of discounted travel with room rates as low as $40/night
- Hilton Shares: Our employee stock purchase program (ESPP) - you can purchase Hilton shares at a 15 percent discount
- Paid parental leave for eligible Team Members, including partners and adoptive parents
- Mental health resources including free counseling through our Employee Assistance Program
- Paid Time Off (PTO)
- Learn more about the rest of our benefits
At Hilton, we believe every Team Member is a leader. We are committed to offering leadership development opportunities and programs through every step of a Team Member’s career journey and at every level, both in our hotels and across corporate.
**Available benefits may vary depending upon terms and conditions of employment and are subject to the terms and conditions of the plans.
HOW YOU WILL MAKE AN IMPACT
Your role is important and below are some of the fundamental job duties that make your work unique.
What your day-to-day will be like:
- Embed with Software Engineering, infrastructure or delivery teams as the AI Security subject matter expert, shaping requirements and design decisions so AI solutions are secure and aligned with Hilton and industry security standards.
- Design and conduct risk assessments of end-to-end AI-enabled architectures (e.g., LLM applications, retrieval-augmented generation (RAG), and agent-based or agentic workflows), ensuring solutions are secure, stable, scalable and resilient.
- Define reusable security guardrails that mitigate customer-facing and emerging AI-specific risks using established security architecture and risk management practices (e.g., secure prompt handling, data protection, least privilege, safe tool execution, monitoring, and abuse prevention).
- Own and evolve AI security reference architectures and standards across:
  - Identity, authentication and authorization patterns (customer/workforce identity, scoped tokens, RBAC/ABAC/PBAC)
  - Secure RAG patterns (data governance, retrieval controls, access control)
  - AWS cloud security (least-privilege IAM, segmentation, encryption/KMS, secrets, logging/monitoring)
- Establish safety and quality controls so outputs remain grounded in hospitality context and reduce hallucinations using contextual grounding, attribution, confidence/abstention patterns, evaluation gates, and continuous monitoring.
- Ensure privacy and auditability by defining requirements for sensitive data handling, consent/notice, retention, traceability of agent/tool actions, and production telemetry to enable detection and response.
- Drive adoption of Hilton's AI security standards and governance, and document strategies/patterns (secure prompt handling, session/memory controls, tenant isolation, safe tool execution, evaluation-driven and security guardrails).
How you will collaborate with others:
- Engage with multiple project teams and cross-functional partners (engineering, data, ML/AI platform, product, privacy, risk, platform, and operations) to integrate security across the full AI lifecycle—from design through deployment, evaluation, and operations.
What deliverables you will take ownership of:
- Lead security aspects of AI product delivery by defining secure-by-default patterns and architecture guardrails that materially reduce vulnerabilities and risk in released AI-enabled products (customer-facing and enterprise-facing).
- Own the creation and ongoing maintenance of Hilton's AI Security Standards, keeping them current with emerging threats, regulatory expectations, and industry advancements—and driving adoption across teams.
- Contribute to the continuous development, review, and adoption of Hilton's security standards and best practices for AI/GenAI/agentic systems (authorization, RAG governance, tool execution controls, logging/auditability, privacy-by-design).
- Design and maintain advanced security reference architectures aligned with Hilton's overall architecture models—spanning AI-enabled application layers, RAG and tool integrations, web/mobile/API surfaces, and AWS cloud.
WHY YOU'LL BE A GREAT FIT
You have these minimum qualifications:
- Seven (7) years of professional experience in Technology or a related field.
- Seven (7) years of combined experience in cyber security, including Product/Application Security, Cloud Security (AWS preferred), IAM, data protection, cryptography, and/or securing web/mobile/API platforms.
- Three (3) years of solution and/or enterprise security architecture experience, owning security design and standards.
- Strong IAM expertise (OAuth 2.1, OIDC, SAML 2.0, public cloud IAM technologies), including workload identity, scoped tokens, and role-based/attribute-based/policy-based access control.
- Hands-on cloud security architecture experience, including least‑privilege IAM, segmentation, encryption/key management, secrets management, logging/monitoring, and CI/CD.
- Experience in regulated/privacy-sensitive environments, familiar with PCI DSS, GDPR/CCPA, NIST 800‑53, SOC 2, ISO 27001, and PSD2/SCA.
- Applied or developing experience securing GenAI, AI Agent or Agentic AI systems (LLM, RAG, agents), including AI threat modeling (e.g., prompt injection, data exfiltration) and core safety controls (contextual grounding, IAM, auditability, abuse prevention).
- This is a hybrid role and requires being near one of our three US office locations (McLean, Dallas, Memphis).
It would be useful if you have:
- Bachelor's degree (or equivalent experience as outlined).
- Two (2)+ years in a senior/lead security architect role with documented reference architectures and standards ownership.
- Security/cloud certifications (e.g., CISSP, AWS Solutions Architect, AWS Security Specialty, relevant AI certifications).
- Experience with GenAI stacks and controls (OpenAI/Bedrock, agent orchestration frameworks, vector databases) and securing integrations to enterprise systems/SaaS tools.
- Experience building policy/guardrail services (policy-as-code, allowlisted actions, structured output/schema enforcement) and running LLM evaluations/red-teaming (jailbreak testing, safety regressions, grounding quality metrics).
- Experience driving adoption of secure-by-default standards and engineering patterns across teams.
- Hospitality domain experience.
WHAT IT IS LIKE WORKING FOR HILTON
Hilton, the #1 World's Best Workplace, is a leading global hospitality company with a diverse portfolio of world-class brands. Dedicated to filling the earth with the light and warmth of hospitality, we have welcomed more than 3 billion guests in our more than 100-year history. Hilton is proud to have an award-winning workplace culture and we are consistently named one of the World’s Best Workplaces. Check out the Hilton Careers blog and Instagram to learn more about what it’s like to be on Team Hilton!
We provide reasonable accommodations to qualified persons with disabilities to perform the essential functions of the position and provide other benefits and privileges of employment in accordance with applicable law. Please contact us if you require an accommodation during the application process.