The Role
We are building a security-first AI platform from the ground up, designed to run large language models, multi-agent systems, and advanced AI workloads in zero-trust environments. Security is core to our DNA. We’re looking for an AI Security Architect to define and lead our security-by-design strategy across infrastructure, runtime, and application layers.
You’ll shape our platform’s trust model, design isolation boundaries, and ensure that confidential computing, zero-trust principles, and privacy-preserving technologies (FHE, ZKP, etc.) are embedded into the product from day one.
Key Responsibilities
Establish secure foundations for a Kubernetes-based AI platform together with the platform architecture team.
Design and maintain the cloud native security reference architecture, including:
Pod security standards.
IAM, RBAC, and multi-tenancy setup.
Network isolation, zero-trust communication, and secret management.
Secure software supply chain (SBOMs, signing, provenance, verification).
Define and enforce security controls for container workloads, operators, and extensions.
Collaborate with platform engineers on secure CI/CD pipelines and infrastructure-as-code policies.
Define and guide the company’s threat-modeling and security design-review framework, partnering with engineers to identify and mitigate risks early in design.
Partner with the GRC team to align design with NIS2, CRA, ISO 27001, and AI Act requirements.
Drive integration of Confidential Computing, FHE, and ZKP-based data protection features.
Contribute to internal security culture, training, and design-review practices.
Qualifications
Solid experience in security architecture, infrastructure security, or platform engineering roles.
Deep knowledge of Kubernetes internals (control plane, admission controllers, namespaces, operators).
Expertise in cloud-native security and technological solution landscape.
Strong understanding of IAM, RBAC, and network segmentation.
Experience with secure SDLC, software supply-chain security, and security reviews.
Familiarity with Confidential Compute, FHE, or ZKP concepts and technologies is considered a plus.
Knowledge of the security landscape around generative AI and agentic applications, especially their specific vulnerabilities and corresponding mitigating measures is considered a plus.
Soft Skills
· Excellent communication and interpersonal skills, able to collaborate effectively across internal teams.
· A “can do attitude”, willing to solve and overcome obstacles.
· Proactive problem-solver with a drive for automation and operational excellence.
· Curious, open-minded, and eager to continuously improve.
What do we offer?
· Join an innovative team and experience company growth.
· We believe in investing in our employees and providing them with the opportunities they need to grow and develop their careers.
· Enjoy a hybrid work environment.
· We also offer a flexible schedule.
· We offer a remuneration that values your experience.
· The position will have the base in Barcelona, Spain.
We are looking for outstanding people willing to join our mission to change this industry and help to build a better world.
If you feel identified with Openchip, please contact us. We can offer a competitive compensation package in a flexible work schema that will help you to keep a balance between your personal and professional life.
At Openchip & Software Technologies S.L., we believe a diverse and inclusive team is the key to groundbreaking ideas. We foster a work environment where everyone feels valued, respected, and empowered to reach their full potential – regardless of race, gender, ethnicity, sexual orientation, or gender identity.