Advisory POD-3

Notice Period: (Immediate Joiner - Only)

Job Responsibilities:
Implement and manage security controls specifically designed for AI systems throughout their lifecycle (data collection, model training, deployment, monitoring).Address AI-specific security risks such as data poisoning, model inversion attacks, adversarial attacks, and prompt injection vulnerabilities.Lead or support the implementation and maintenance of our ISO 42001 (Artificial Intelligence Management System), ensuring compliance with its requirements for trustworthiness, robustness, and ethical considerations in AI systems.Conduct AI-specific risk assessments, identifying and mitigating risks related to AI bias, privacy, security, and societal impact.Develop, review, and refine comprehensive AI security, data governance, and information security policies, standards, and procedures, ensuring alignment with ISO 42001.Prepare for and support internal and external audits for ISO 42001 certification.Contribute to the design, implementation, and continuous improvement of our ISO 27001 (Information Security Management System), ensuring its relevance and effectivenessSupport in audits, risk assessments, and gap analysis, ensuring adherence to compliance requirements.

Assess organizational cybersecurity posture using the NIST Cybersecurity Framework (CSF).

Identify and document gaps and provide recommendations for security measures aligned with NIST CSF. Prepare compliance status and risk reduction strategies.
Assist in drafting and updating organizational policies and procedures for governance and compliance.

Deliver complex projects in a fast-paced, team environmentJob Specifications:1. Qualification:Bachelors degree in Engineering or closely related coursework in technology development disciplinesCertifications Security+, CEH, ISO 27001 Lead Implementer/Lead Auditor, ISO 42001 Lead Implementer, CISA, relevant certification in AI Security (good to have, but not mandatory)2. Experience:Total Experience (1): 7-8 yearsTotal Experience (1): 4-6 yearsTotal Experience (2): 2-3 years

Knowledge and Experience:
Demonstrable practical experience with ISO 27001 implementation, maintenance, or audit support.

Strong understanding and practical application experience with the NIST Cybersecurity Framework (CSF).
Familiarity with or emerging experience in AI security concepts (e.g., model security, data integrity for AI, bias mitigation).Awareness of or exposure to ISO 42001 principles and requirements for AI management systems is highly desirable.

Good understanding of information security principles and related compliance controls. Ability to articulate the relevance of the security controls
Experience in the delivery of Information Security risk and compliance advisory servicesExperience in management consulting and information security auditsExperience around technology risk assessmentsAbility to research and develop new risk-based security offeringsComfortable working in a project-based / client-serving model

Personal Attributes:
Self-starter and quick learner requiring minimal ramp-upExcellent written, oral, and interpersonal communication skillsHighly self-motivated, self-directed, and attentive to detailAbility to effectively prioritize and execute tasks in a high-pressure environment