How much salary can I expect as a Cloud-Native Security and AI Architect in Ford Motor in undefined?

You can expect a minimum salary of 0 INR. The salary offered will depend on your skills, experience and performance in the interview.

What is the eligibility criteria to apply for Cloud-Native Security and AI Architect in Ford Motor in undefined?

The candidate should have completed undefined degree and people who have 10 to 31 years are eligible to apply for this job. You can apply for more jobs in undefined to get hired quickly.

Is there any specific skill required for this job?

The candidate should have undefined skills and sound communication skills for this job.

Who can apply for this job?

Both Male and Female candidates can apply for this job.

Is it a work from home job?

No, it’s not a work from home job and can’t be done online. You can explore and apply for other work from home jobs in undefined at apna.

Are there any charges or deposits required while applying for the role or while joining?

No work-related deposit needs to be made during your employment with the company.

How can I apply for this job?

Go to the apna app and apply for this job. Click on the apply button and call HR directly to schedule your interview.

What is the last date to apply?

The last date to apply for this job is . For more details, download apna app and find Full Time jobs in undefined . Through apna, you can find jobs in 74 cities across India. Join NOW

Cloud-Native Security and AI Architect

Ford Motor

Chennai

Not disclosed

Work from Office

Full Time

Min. 10 years

Job Details

Job Description

Cloud Architech

Job Title: Cloud-Native Security & AI Architect (GCP / Zero Trust) Location: Hybrid — Dearborn, MI or Fully Remote (US based) Team: Ford Credit Enterprise Architecture

About the Role: Ford Credit is accelerating its transition to a Zero-Trust security model on Google Cloud Platform (GCP) and maturing their enterprise cloud security patterns. They are seeking a Cloud-Native Security & AI Architect to guide on-prem workload migrations into a secure, well-architected GCP environment, while also shaping their approach to safe and effective AI enablement (with a focus on agentic patterns in the SDLC). This role will help establish practical reference architectures, answering various “How do I do X securely?” questions from internal teams, driving clarity where standards are still emerging.

What Success Looks Like (6–12 Months):

Documented, adopted reference architectures and patterns for Zero Trust on GCP.
Reduced critical security gaps across migrated workloads; measurable maturity lift (e.g., from 1/5 toward 3/5).
Repeatable Apigee patterns established; known gaps documented with remediation backlog and owners.
Teams self-serve with “How to do X securely?” guides; faster decision cycles and fewer escalations.
Safe, pragmatic AI enablement patterns integrated into SDLC with clear guardrails and logging.
Established security governance frameworks and stage-gates with both automation and human-in-the-loop processes.

Tools & Ecosystem: GCP (IAM, Workload Identity, VPC, SCC, Cloud Armor, Secret Manager, Logging/Monitoring, GKE/Cloud Run, Build/Artifact), Apigee, GitHub, JIRA, Confluence, Vault (as applicable), Terraform (nice to have).

Zero-Trust Cloud Security Architecture (GCP) – primary focus

Define and mature security architecture patterns and reference architectures for cloud-native workloads on GCP.
Provide day-to-day guidance to application teams migrating from legacy environments to a new Zero-Trust GCP segment.
Conduct gap analyses and recommend remediations to raise security maturity.
Translate Ford’s Information Security Policies (ISP) into actionable architecture guidance and guardrails.
Establish “golden paths” for securing RPC endpoints, service-to-service auth, workload identity, runtime security, and logging.
Design and document secure patterns for hybrid connectivity, ensuring safe data exchange and identity federation between on-premise data centers (including mainframe environments) and GCP.
Develop a holistic security strategy for critical third-party SaaS applications, focusing on identity integration (SSO), data governance, and unified visibility.
Partner with threat modeling, networking, and data architecture teams to ensure holistic, risk-balanced designs.

API & Apigee Security Enablement

Define patterns for securing APIs and RPC endpoints with Apigee (authN/Z, token flows, rate limiting, telemetry).
Identify platform gaps; collaborate with Ford’s Apigee owner (EPEO) to drive improvements and reusable examples.

AI Architecture (Agentic SDLC) – secondary focus

Evaluate AI-enabled solutions for safety and security: “Is this secure? Is it safe? Are we allowed to do this?”
Define secure agent patterns for SDLC use cases (e.g., agents drafting JIRAs, triaging issues).
Apply AI safety best practices (prompt injection defenses, tool/API misuse prevention, data leakage controls).
Design human-in-the-loop, decision traceability, and auditable logging for AI-assisted decision flows.

Process & Enablement

Create and maintain clear, consumable architecture documentation and standards from multiple sources.
Mentor teams; answer questions rapidly; help the org balance speed with security in a zero-trust context.
Contribute to a pragmatic roadmap to improve security maturity across the portfolio.

Minimum Qualifications
- 10+ years of IT experience with 7+ years in cloud architecture/engineering with 4+ years focused on cloud security (enterprise scale).
- Deep hands-on experience with GCP services relevant to security: IAM & Workload Identity, VPC/SCC/Cloud Armor, Secrets Manager, Cloud Logging/Monitoring, GKE/Cloud Run, Artifact/Build, Pub/Sub, Apigee.
- Proven experience designing or maturing Zero-Trust architectures (BeyondCorp principles; identity-centric access).
- Strong understanding of OAuth/OIDC, service-to-service auth, token flows, and API security patterns.
- Experience designing security for hybrid architectures that connect modern cloud platforms with traditional enterprise data centers through GCP Interconnect, including mainframe systems.
- Experience with SaaS security frameworks and tools, such as Cloud Access Security Brokers (CASB), SaaS Security Posture Management (SSPM), and advanced data loss prevention (DLP) strategies.
- Integrate security seamlessly into the CI/CD pipeline (DevSecOps), ensuring automated guardrails and infrastructure-as-code (IaC) scanning are part of the "golden path."
- Experience producing reference architectures, standards, and “golden paths” for engineering teams.
- Good knowledge of security.
- Hands-on use of AI tools to improve productivity (e.g., coding, analysis, documentation).
- Excellent communication and stakeholder enablement skills.
Preferred Qualifications
- GCP security certifications (e.g., Professional Cloud Security Engineer, Professional Cloud Architect).
- Experience with Apigee at enterprise scale (API gateways, policies, auth patterns, observability).
- Familiarity with LLM/agent attack vectors (prompt injection, jailbreaks, tool abuse, data exfiltration) and mitigations aligned to industry frameworks – OWASP for LLM, NIST AI RMF etc.
- Exposure to spec-driven development and content-distributed architectures.
- Understanding of regulated environment and associated compliance frameworks – PCI-DSS, SOC2, CCPA, GDPR and auditable human-in-the loop decisioning.
- Comfortable navigating ambiguity and building standards in-flight during large-scale migrations.