University of Toronto

AI Security Architect & Red Team Lead

University of Toronto$120K — $140K *
Information Technology
5 - 7 years of experience
Job Overview by Ladders

Qualifications

  • Bachelor's degree in Computer Science, Cybersecurity, Data Science, or related field; Master's preferred.
  • 5 years of cybersecurity experience with 3 years in AI/ML security.
  • Experience in leading adversarial testing for AI systems, particularly LLMs.
  • Proficient in managing third-party vendors in security contexts.
  • Strong independent project initiation and leadership skills, ideally in higher education.

Responsibilities

  • Establish the AI red teaming function and define its strategic direction.
  • Conduct independent assessments of the AI threat landscape.
  • Develop and implement internal checks for responsible AI deployment.
  • Manage relationships with external red teaming providers.
  • Report findings and actionable recommendations to senior leadership.

Benefits

  • Opportunities for professional development and further education.
  • Access to university resources and research opportunities.
  • Flexible work environment supporting autonomy and innovation.
  • Engagement in pioneering projects within a major research institution.
Full Job Description
Date Posted: 07/10/2026
Req ID: 48577
Faculty/Division: Ofc of the Chief Information Officer
Department: Information Security
Campus: St. George (Downtown Toronto)
Existing Vacancy: Yes

Description:

The University of Toronto is seeking an AI Security Architect & Red Team Lead to establish and drive the university's adversarial testing capability for AI systems. This is a foundational hire: a self-directed professional who will build the AI red teaming function from the ground up, define its strategy, and serve as the university's primary authority on AI-specific security threats.

Reporting to the Chief Information Security and Digital Trust Officer, the AI Security Architect & Red Team Lead will operate with significant autonomy, independently assessing the AI threat landscape, identifying what the university needs, and coming back to senior leadership with clear, actionable recommendations. This role is not about managing a large team; it is about being the expert who shapes the university's approach to AI security testing, builds the internal checks and balances required for responsible AI deployment, and manages relationships with third-party red teaming providers.

The ideal candidate has a clear vision for how AI red teaming should work in a complex, decentralized environment like a major research university, can work independently with minimal direction, and communicates findings and recommendations directly to senior & executive leadership including the Chief Information Security and Digital Trust Officer.

REQUIRED QUALIFICATIONS:

EDUCATION:

  • Bachelor's degree in Computer Science, Cybersecurity, Data Science, or a related field. Master's degree preferred.
  • Equivalent combination of education and experience will be considered.
  • Relevant certifications: OSCP, GIAC (GPEN, GXPN), CEH, CISM, or AI-specific certifications are preferred.


EXPERIENCE:

  • Minimum 5 years of experience in cybersecurity and/or application architecture, with at least 3 years focused on AI/ML security, adversarial testing, or red teaming.
  • Demonstrated experience leading or conducting adversarial testing of AI systems, including LLMs and/or agentic AI applications.
  • Proven track record of managing third-party security vendors, including scoping engagements, evaluating deliverables, and holding providers accountable.
  • Experience working independently to define and build a security program or capability from scratch.
  • Experience communicating technical security findings and recommendations to senior non-technical leadership.
  • Experience in higher education, research institutions, or public-sector environments is preferred.
  • Experience with deepfake detection, multimodal AI security, or AI-generated content forensics is preferred.
  • Experience building or contributing to open-source AI security tools is preferred.
  • Experience evaluating or adversarially testing AI guardrail frameworks and PII protection tools (e.g., NVIDIA NeMo Guardrails, Guardrails AI, Microsoft Presidio, Meta Llama Guard, Lakera Guard) is preferred.
  • Knowledge of data classification frameworks and AI-specific Data Loss Prevention (DLP) strategies, including NLP-based entity recognition for sensitive data detection and masking.
  • Published research or conference presentations in AI security, adversarial ML, or related fields is preferred..


SKILLS:

  • Deep understanding of LLM architectures, transformer models, prompt engineering, and common AI attack vectors (injection, evasion, poisoning, extraction).
  • Proficiency in Python and familiarity with adversarial ML libraries and frameworks (ART, PyRIT, Garak, TextAttack, CleverHans).
  • Knowledge of agentic AI systems, MCP (Model Context Protocol), RAG architectures, and multi-agent orchestration.
  • Strong understanding of AI security frameworks: NIST AI RMF, NIST AI 600-1, MITRE ATLAS, OWASP LLM Top 10, and OWASP Agentic Top 10.
  • Familiarity with SIEM/SOAR platforms, CI/CD pipeline security, and infrastructure security fundamentals.
  • Strong understanding of Canadian data protection regulations (PIPEDA, provincial privacy legislation, emerging federal AI regulation), ISO/IEC 42001, and ISO/IEC 27001.
  • Familiarity with the EU AI Act as a framework alignment reference for international best practice.
  • Familiarity with AI observability and tracing platforms (e.g., Langfuse, LangSmith, Arize Phoenix, AgentOps) and model artifact scanning tools (e.g., Protect AI ModelScan, HiddenLayer), sufficient to evaluate solutions, define requirements, and red team monitoring coverage.
  • Familiarity with MCP security scanning tools, MCP gateway architectures, and agent-level audit logging for tool-use governance.


OTHER:

  • Self-starter who thrives with autonomy and can independently determine priorities and next steps without close supervision.
  • Strong strategic thinking, able to see the big picture of AI security risk and translate it into a concrete, phased plan.
  • Excellent written and verbal communication skills, with the ability to brief senior executives and produce polished reports.
  • Comfort operating in a complex, decentralized environment where influence, persuasion, and relationship-building are as important as technical expertise.
  • Adversarial mindset paired with ethical judgment and integrity.


Closing Date: 07/31/2026, 11:59PM ET
Employee Group: Salaried
Personnel Subarea:PM
Appointment Type: Budget - Continuing
Schedule: Full-Time
Pay Scale Group & Hiring Zone: PM 5 -- Hiring Zone: $120,499 - $140,583 -- Broadband Salary Range: $120,499 - $200,831
Job Category: Information Technology (IT)

About University of Toronto

The University of Toronto is a public research university located in Toronto, Ontario, Canada. It is the largest university in Canada by enrollment and one of the top-ranked universities in the world. The university offers undergraduate and graduate programs in a wide range of academic disciplines, including arts, sciences, engineering, and business. The University of Toronto is known for its research excellence and has produced many notable alumni, including four Nobel laureates. The university was founded in 1827 and has three campuses in the Toronto area.
Learn more about University of Toronto
Size
21,556 employees
Industry

Similar Jobs

More Jobs at University of Toronto

More Information Technology Jobs

Find similar AI Security Architect & Red Team Lead jobs: