AI Risk & Security Governance Specialist

Job Title: Advisory POD-3

Experience: 2-8 Years

Notice Period: Immediate Joiner

Job Responsibilities:

• Implement and manage security controls specifically designed for AI systems throughout their lifecycle (data collection, model training, deployment, monitoring).
• Address AI-specific security risks such as data poisoning, model inversion attacks, adversarial attacks, and prompt injection vulnerabilities.
• Lead or support the implementation and maintenance of our ISO 42001 (Artificial Intelligence Management System), ensuring compliance with its requirements for trustworthiness, robustness, and ethical considerations in AI systems.
• Conduct AI-specific risk assessments, identifying and mitigating risks related to AI bias, privacy, security, and societal impact.
• Develop, review, and refine comprehensive AI security, data governance, and information security policies, standards, and procedures, ensuring alignment with ISO 42001.
• Prepare for and support internal and external audits for ISO 42001 certification.
• Contribute to the design, implementation, and continuous improvement of our ISO 27001 (Information Security Management System), ensuring its relevance and effectiveness
• Support in audits, risk assessments, and gap analysis, ensuring adherence to compliance requirements.
• Assess organizational cybersecurity posture using the NIST Cybersecurity Framework (CSF).
• Identify and document gaps and provide recommendations of security measures aligned with NIST CSF. Prepare compliance status and risk reduction strategies.
• Assist in drafting and updating organizational policies and procedures for governance and compliance.
• Deliver complex projects in a fast-paced, team environment

Job Specifications:

1. Qualification:

Bachelors degree in Engineering or closely related coursework in technology development disciplines

Certifications

2. Experience:

Knowledge and Experience:

• Demonstrable practical experience with ISO 27001 implementation, maintenance, or audit support.
• Strong understanding and practical application experience with the NIST Cybersecurity Framework (CSF).
• Familiarity with or emerging experience in AI security concepts (e.g., model security, data integrity for AI, bias mitigation).
• Awareness of or exposure to ISO 42001 principles and requirements for AI management systems is highly desirable.
• Good understanding of information security principles and related compliance controls. Ability to articulate the relevance of the security controls
• Experience in delivery of Information Security risk and compliance advisory services
• Experience in management consulting and information security audits
• Experience around technology risk assessments
• Ability to research and develop new risk-based security offerings
• Comfortable working in a project based / client serving model