
AI Security Governance Architect

Spain
Full-time
Not Disclosed
Senior

Job Description

Key Skills Required

Cybersecurity, AI Engineer

About Plain Concepts

Plain Concepts is an internationally recognized custom technology pioneer, a 100% technical consultancy, and a global leader in artificial intelligence solutions, on a mission to drive cutting-edge software engineering projects around the world. With a multidisciplinary team of over 500 technicians across more than 6 countries, Plain Concepts replaces standard out-of-the-box outsourcing models with custom builds designed from scratch. Rooted in a flat, deeply collaborative organizational structure built on Agile principles, the studio fosters a tech-first culture where knowledge-sharing is paramount and even the boldest ideas are welcome. Plain Concepts gives cyber defense engineers a fully remote setting in which to work with state-of-the-art AI Security Posture Management (AISPM) tools, configure automated governance structures, and secure multi-tenant agentic AI platforms across Spain.

Position Overview

We are seeking a highly analytical, systems-minded AI Security Governance Architect to join our centralized Cybersecurity division in a full-time remote capacity across Spain. As the cybersecurity subject matter expert for our global AI Security Governance Program, you will hold individual strategic and operational accountability for defining, operationalizing, and continually maturing the cybersecurity control framework governing AI, GenAI, and autonomous agentic AI use cases. Rather than routine network logging, passive compliance checklists, or document filing, you will collaborate with security engineers, enterprise architects, and core business units to ensure emerging technologies are safely registered, risk-classified, and hardened across their entire operational lifecycle. This position requires an information security veteran with 8+ years of cybersecurity experience who handles algorithmic risk vectors using cybersecurity defense primitives, designs technical architecture guardrails using AI engineering safety parameters, and reviews enterprise data contracts confidently in both English and Spanish.

Key Responsibilities

  • AI Security Control Framework Governance: Define, scale, and mature an end-to-end operational security governance framework for AI/GenAI systems, managing intake loops, automated registries, risk classifications, and control mapping baselines using cybersecurity protection strategies.
  • Advanced Use Case Threat Modeling: Execute rigorous cybersecurity risk assessments over non-deterministic machine models, auditing access control configurations, prompt injection vulnerabilities, indirect prompt injections, model misuse loops, and automated agentic AI tool permissions.
  • Security-by-Design Architecture Engineering: Translate abstract mathematical risks into practical security control definitions, technical requirements, structural architecture patterns, and automated guardrails for complex RAG systems, M365 Copilot deployments, and custom enterprise GenAI models, in line with AI engineering guidelines.
  • AISPM and GRC Tooling Integration: Integrate the core governance taxonomy directly into active technical ecosystems, mapping tool capabilities, defining registry schema fields, and constructing evidence pipelines across systems like HiddenLayer, Sentra, Zenity, and Wiz.
  • Cross-Functional Compliance Alignment: Align internal AI defense rubrics with premier recognized global security standards, ensuring strict mapping against NIST AI RMF, NIST Generative AI Profile, ISO/IEC 42001, OWASP Top 10 for LLM Applications, and EU AI Act obligations.
  • Data Security Posture and Residency Governance: Enforce tight data protection standards over training pipelines, preventing sensitive data leakage through strict enforcement of data classification matrices and data residency parameters.
  • Comprehensive Technical Deliverable Formulation: Write, refine, and ship high-quality executive-ready deliverables—including security review templates, exception handling runbooks, KPI/KRI dashboard models, and developer-oriented AI security awareness training programs.
  • Asynchronous Strategic Collaboration: Act as a technical partner to project management teams, providing the deep technical logic needed to translate conceptual enterprise risks into clear, maintainable technical control owners and acceptance criteria.

Required Skills & Qualifications

  • A minimum of 8 years of verified professional history running advanced cybersecurity operations, corporate security architecture design, infrastructure risk management, or Application Security/Cloud Security consulting within an enterprise software environment.
  • Deep, authoritative technical command of artificial intelligence and large language model (LLM) software vulnerabilities, prompt engineering defects, model supply chain exploits, RAG security constraints, and third-party API exposure points.
  • Expert-tier capability in mapping complex data flows, constructing cryptographic guardrails, and managing enterprise risk mitigation platforms using cybersecurity frameworks.
  • Practical operational familiarity with auditing machine learning model environments, configuring cloud security controls, and designing threat detection architectures using AI engineering parameters.
  • Demonstrated experience building operational governance architectures and technical definitions that function successfully in production, rather than just abstract policy documentation.
  • Bilingual Language Requirement: Complete, uncompromised professional fluency in both written and spoken English and Spanish, enabling seamless presentation of technical control definitions before multi-tier executive boards across Spain and international hubs.
  • Outstanding written documentation skills, with a proven history of prioritizing absolute clarity, strict structural classification, and technical data integrity over verbose text.

Preferred Strategic Indicators (Nice to Have)

  • Prior commercial security engineering history operating explicitly with AI Security Posture Management (AISPM), Data Security Posture Management (DSPM), Secure SDLC, or DevSecOps automation scaffolding.
  • Possession of industry-vetted professional credentials (such as CISSP, CISM, CRISC) or enterprise cloud security architecture certifications across AWS, Azure, or GCP platforms.
  • Familiarity with EU AI Act regulatory obligations for deployers of high-risk AI systems, including programmatic logging, automated monitoring, and continuous human-in-the-loop oversight frameworks.
  • An outcome-driven personal philosophy rooted in immense technical curiosity, a passion for exploring the latest automated tools, and a relentless drive to safely unleash advanced agentic AI innovations.

What We Offer

  • Market-Calibrated Salary: A highly competitive full-time base salary calibrated to your cybersecurity architecture authority, bilingual compliance depth, and AI threat modeling velocity.
  • Flexible 35-Hour Work Week: A balanced, modern scheduling framework built explicitly around a 35-hour week to optimize your technical productivity and personal recharge.
  • 100% remote work across Spain with complete scheduling flexibility and no office commute, supported by a monthly utility bonus for home electricity and internet expenses.
  • Immediate access to completely free comprehensive medical health insurance, paired with co-payment dental services.
  • An individual corporate budget for custom training and equipment, free Microsoft certification pathways, and structured English language lessons.
  • A birthday day off, flexible compensation channels (restaurant tokens, transport, and childcare passes), gym network discounts, and access to the Plain Camp annual team-building event.
