USRC's greatest strength in being a leader in the dialysis industry is our ability to recognize and celebrate the differences in our diverse workforce. We strongly believe in recruiting top talent and creating a diverse and inclusive work climate and culture at all levels of our organization.

SUMMARY

The Senior Manager, AI & Cloud Security is responsible for supporting the definition and execution of the organization's strategy to secure cloud platforms and AI capabilities in a large, HIPAA-regulated healthcare environment. The role is responsible for driving a comprehensive program to secure AI workloads in the cloud, protect AI/ML models, ModelOps/MLOps pipelines, Agentic AI workflows, and strengthen resilience against AI-enabled attacks (e.g., automated phishing, adversarial ML, model theft, prompt injection, and agent hijacking). The role also leads the strategic use of agentic AI to improve detection and incident response through safe automation, human-in-the-loop controls, and rigorous operational governance.

This leader also owns the cloud security architecture, design standards, and governance model for the enterprise, establishing reference architectures, secure landing zone patterns, policy-as-code guardrails, and architecture review processes that enable rapid delivery while maintaining strong risk control and audit readiness.

Essential Duties and Responsibilities include the following. Other duties and tasks may be assigned.

• Establish a threat-informed program to defend against AI-enabled attacker capabilities, including automated reconnaissance, highly personalized phishing, synthetic identity fraud, and scalable credential abuse.
• Define controls and operational procedures to mitigate impersonation and deepfake risk (executive fraud, clinician impersonation, IT helpdesk scams), including identity verification patterns and secure approval workflows.
• Partner with IAM, Email Security, SOC, and Compliance stakeholders to implement detection and response patterns for AI-amplified threats.

• Define reference architectures and engineering guardrails for securing AI/ML workloads in cloud environments, including:
• Workload identity, least privilege, privileged access (PAM)
• Network controls (private endpoints, segmentation, egress restrictions)
• Encryption, KMS/HSM integration, secrets management
• Secure container/Kubernetes patterns and hardened runtime controls
• Centralized logging/telemetry, threat detection, and response integration
• Drive secure-by-default patterns for AI platform services (managed ML platforms, vector databases, model endpoints, feature stores, data pipelines).

• Establish controls to protect models across their lifecycle: training, evaluation, deployment, inference, and monitoring.
• Implement and govern security requirements for ModelOps/MLOps pipelines, including CI/CD integration, artifact integrity, provenance/attestation, and secure release controls.
• Define testing and monitoring standards for AI-specific risks such as prompt injection, data poisoning, model inversion, membership inference, model theft, and supply chain compromise.
• Partner with Compliance and Privacy to ensure appropriate use and protection of PHI/ePHI in training and inference workflows (minimization, de-identification, access control, auditability).

• Lead the strategy and implementation of agentic AI to enhance incident response and security operations
• Define governance for security agents: least privilege, tool access controls, prompt/chain protection, validation of outputs, safe fallbacks, and change management.

• Ensure AI and cloud security controls align with HIPAA/HITECH expectations and organizational risk management practices; support HITRUST/NIST-aligned control mapping where applicable.
• Establish AI/cloud security standards, policies, and control requirements for internal development and third-party services (including vendor due diligence for AI providers and model transparency expectations).
• Provide executive-ready reporting on AI and cloud security posture, top risks, and control maturity.
• Own the cloud security architecture strategy for the enterprise, defining target-state patterns across IaaS/PaaS/SaaS for Azure/AWS/GCP (as applicable).
• Establish and maintain cloud security reference architectures, reusable blueprints, and approved patterns (landing zones, network segmentation, identity, logging, encryption, secrets, platform services).
• Lead (or co-lead with Enterprise Architecture) a Cloud Security Architecture Review Board and define governance processes for design approvals, exceptions, and risk acceptance.
• Define and enforce cloud guardrails using policy-as-code (e.g., Azure Policy, AWS SCPs), infrastructure-as-code standards, and automated compliance checks.
• Drive adoption and operationalization of CNAPP/CSPM/CWPP capabilities (where applicable), including posture monitoring, risk prioritization, and remediation workflows.
• Establish cloud security requirements for platform teams and product teams, including secure configuration baselines, logging/telemetry standards, and workload onboarding criteria.

• Influence budgets, tool selection, and prioritization for AI/cloud security investments and roadmap.

• Regular and reliable attendance is required for the job.