SRC_AI Solution_ Senior Associate

Industry/Sector Not Applicable Specialism Cybersecurity & Privacy Management Level Senior Associate Job Description & Summary At PwC, our people in risk and compliance focus on maintaining regulatory compliance and managing risks for clients, providing advice, and solutions. They help organisations navigate complex regulatory landscapes and enhance their internal controls to mitigate risks effectively. In regulatory risk compliance at PwC, you will focus on confirming adherence to regulatory requirements and mitigating risks for clients. You will provide guidance on compliance strategies and help clients navigate complex regulatory landscapes. As a Cybersecurity AI Solution Architect in our Cyber Strategy Risk and Compliance practice, you will design, architect, and deploy production-grade AI and agent-based solutions on AWS cloud environments. This role requires deep hands-on expertise in AWS architecture, Generative AI platforms, and agent orchestration frameworks, with the ability to translate use cases into secure, scalable, and cost-efficient cloud deployments. You will lead the technical architecture and implementation of AI-powered solutions—including LLM-based systems, Retrieval-Augmented Generation (RAG) platforms, and agentic workflows—ensuring they are designed for scalability, resilience, security, and operational excellence. The role requires strong expertise in cloud capacity planning, infrastructure design, performance optimization, and production deployment patterns. Position Requirements - Deep hands-on expertise in enterprise cloud architecture across AWS, Microsoft Azure, and Google Cloud Platform (GCP), including landing zone design, multi-account/subscription/project hierarchies, organizational units, and resource hierarchy models. Architect secure and scalable cloud network topologies covering VPC/VNet design, subnetting, hybrid connectivity (AWS Direct Connect, Azure ExpressRoute, Google Cloud Interconnect, Site-to - Site VPN), transit and hub-spoke patterns (Transit Gateway, Virtual WAN, Network Connectivity Center), and private/service endpoint architectures. Design cloud identity and access architecture including IAM/RBAC, federation (SAML, OIDC), single sign-on, conditional access, privileged access management, and workload/service identity patterns across cloud providers. Architect compute strategy across IaaS, PaaS, containers (EKS, AKS, GKE), and serverless (Lambda, Azure Functions, Cloud Run, Cloud Functions), aligning workload types with the most appropriate runtime model and consumption construct. Design storage and data platform architectures across object, block, file, data lake, data warehouse, and streaming tiers (AWS S3/Redshift/Kinesis, Azure ADLS/Synapse/Event Hubs, Google Cloud - Storage/BigQuery/Pub/Sub). Design cloud security architecture including key management (AWS KMS, Azure Key Vault, Google Cloud KMS), secrets management, network segmentation, DDoS protection, WAF, CSPM integration, and alignment to CIS Benchmarks, NIST, and ISO 27017/27018. - Own infrastructure sizing, capacity planning, and performance engineering for cloud workloads, including compute, GPU/CPU/TPU allocation, autoscaling, and concurrency management. - Define and enforce infrastructure-as-code standards using Terraform (primary), AWS CloudFormation, Azure Bicep/ARM, and Google Cloud Deployment Manager, including module design, policy-as-code (OPA, Sentinel, Azure Policy), and CI/CD pipelines for infrastructure. - Design hybrid and multi-cloud topologies covering workload placement, data residency, cross-cloud connectivity, and portability patterns. - Architect cloud observability and operations including logging, metrics, and distributed tracing (Amazon CloudWatch, Azure Monitor / Application Insights, Google Cloud Monitoring, Prometheus, Grafana, OpenTelemetry). - Establish cloud governance, policy, and compliance baselines including tagging strategy, guardrails (Service Control Policies, Azure Policy, GCP Organization Policy), and regulatory alignment. - Deploy production AI and Generative AI workloads on cloud platforms using services such as Amazon Bedrock and SageMaker, Azure OpenAI Service and Azure Machine Learning, and Vertex AI and Gemini APIs — ensuring tight integration with surrounding cloud network, data, identity, and security constructs. - Architect AI system components including Retrieval - Augmented Generation (RAG) pipelines, vector database integrations (OpenSearch, Azure AI Search, Vertex AI Vector Search), embedding pipelines, agent orchestration frameworks, and API/MCP-driven tool integrations. - Build and operationalize MLOps / LLMOps pipelines covering model deployment automation, CI/CD integration, versioning and rollback strategies, and monitoring and drift detection. - Identify and mitigate AI-specific technical risks including prompt injection, model misuse, data leakage, and adversarial manipulation, layered onto foundational cloud security controls. - Integrate cloud and AI solutions with enterprise systems including APIs, SaaS platforms, identity providers, data platforms, and security and governance tooling. - Strong hands-on proficiency in Python and supporting tooling (Bash, YAML, Helm) to prototype, validate, and troubleshoot deployed cloud and AI solutions. - Ability to troubleshoot production issues across network, infrastructure, application, and model layers in multi-cloud environments. - Provide technical leadership during build and deployment phases, conducting architecture reviews, performance tuning, and production readiness validation across cloud environments. - Balance architecture decisions across security, scalability, performance, cost, and operational complexity. - Maintain and advise on development and architecture standards and lead practices across cloud platforms. - Mentor junior cloud engineers and architects through PwC’s apprenticeship model. - Desired Knowledge - Strong hands-on experience architecting and deploying enterprise cloud solutions in production environments across AWS, Microsoft Azure, and Google Cloud Platform (not limited to conceptual or advisory roles). Deep expertise in cloud network design including hybrid connectivity, transit architectures, service mesh (Istio, Linkerd, AWS App Mesh), and private/service endpoint patterns. Strong understanding of cloud landing zones and governance frameworks (AWS Organizations and Control Tower, Azure Landing Zones and Management Groups, Google Cloud Resource Hierarchy and Assured Workloads). Expertise in infrastructure-as-code (Terraform, AWS CloudFormation, Azure Bicep/ARM, Google Cloud Deployment Manager), CI/CD for infrastructure, and policy-as-code (OPA, Sentinel, Azure Policy). Working knowledge of container orchestration (EKS, AKS, GKE), serverless runtimes, and cloud-native application patterns (microservices, event-driven architectures). Experience with cloud observability and operations stacks (Amazon CloudWatch, Azure Monitor / Application Insights, Google Cloud Monitoring, Prometheus, Grafana, OpenTelemetry, Datadog). Experience with cloud migration tooling (AWS Migration Hub / MGN / DMS, Azure Migrate, Google Cloud Migration Center) and application modernization patterns. Well - Architected Framework proficiency across AWS Well - Architected, Azure Well - Architected, and Google Cloud Architecture Framework. Working knowledge of cloud data platforms and integration services (AWS Glue/Redshift, Azure Synapse/Data Factory, Google BigQuery/Dataflow). Understanding of LLM deployment patterns and model hosting strategies — managed services such as Amazon Bedrock, Azure OpenAI Service, and Vertex AI versus custom/self-hosted models — inference optimization, and API integration models. Familiarity with agent frameworks and orchestration layers (LangChain, LangGraph, AutoGen, Semantic Kernel, Amazon Bedrock Agents, Azure AI Agent Service, Vertex AI Agent Builder) for multi-step reasoning and workflow automation. Familiarity with GPU and accelerator options across providers (NVIDIA A100/H100, AWS Trainium/Inferentia, Google TPU) and AI workload performance tuning. Exposure to responsible AI, content filtering, and guardrail frameworks offered by cloud providers (Amazon Bedrock Guardrails, Azure AI Content Safety, Vertex AI Safety), and AI-specific threat modeling layered onto cloud security baselines. - Professional & Educational Background BE / B Tech / MCA / MS (Field of Study: - Computer Science, Information Technology, AI/ML, or related fields). - 6+ of overall IT experience, with meaningful hands-on exposure to enterprise cloud architecture, cloud migration and modernization, or platform engineering — complemented by exposure to AI/ML and Generative AI workload deployment. - Demonstrated experience leading enterprise engagements or managing cross-functional technical teams, with ownership of cloud transformation initiatives that include AI/ML or data workload enablement. - Proven experience architecting and scaling secure, production-grade cloud solutions within enterprise or regulated environments. - Strong hands-on cloud architecture experience across at least two of the three major public cloud platforms (AWS, Microsoft Azure, Google Cloud Platform) is mandatory; breadth across all three is preferred. Certification(s) Preferred: Microsoft Certified: Azure Solutions Architect Expert, Google Professional Cloud Architect, AWS Certified Solutions Architect (Associate/Professional), HashiCorp Certified: Terraform Associate, Certified Kubernetes Administrator (CKA), AWS Certified Machine Learning – Specialty, Microsoft Certified: Azure AI Engineer Associate, Google Professional Machine Learning Engineer, Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM), Certified Information Systems Auditor (CISA), or Certified in Risk and Information Systems Control (CRISC). Additional Information Travel Requirements: Line of Service: Advisory Industry: - Consulting - Must be ready to work on-site full-time. ation Systems Control (CRISC). Travel Requirements Not Specified Job Posting End Date