Job Purpose
The person will be responsible for maintaining Governance, Risk and Compliance (GRC) - Information and Cyber Security and BCP of the company.
Roles and Responsibilities
Ensure compliance with SEBI and regulatory circulars and requirements released from time to time.
1. AI Security by Design
- Implement security controls for AI/ML models, data pipelines, and platforms starting from inception.
- Define and enforce secure architecture patterns for AI systems, including model training, inference, and deployment environments.
- Identify and mitigate AI-specific risks such as model poisoning, data leakage, adversarial attacks, and model misuse.
2. Secure AI Lifecycle & DevSecOps
- Embed security within the AI development lifecycle (AI SDLC), integrating security checks into CI/CD pipelines.
- Collaborate with engineering and data science teams to implement DevSecOps practices for AI workloads.
- Automate security testing, vulnerability management, and compliance checks for AI models and supporting infrastructure.
3. Security Strategy & Architecture
- Develop and execute enterprise-level AI security strategy and roadmap aligned with business objectives.
- Define standards, policies, and reference architectures for secure AI adoption.
- Evaluate and onboard new AI technologies, tools, and platforms with a security-first approach.
4. Implementation of New Security Projects
- Lead the implementation of security projects including AI security initiatives, tooling for AI visibility, monitoring, and risk management.
- Drive proof-of-concepts and production rollouts of new security capabilities for AI and cloud-native environments.
- Partner with vendors and internal stakeholders to ensure successful delivery of security projects.
5. Security Operations
- Oversee day-to-day security operations related to Cyber Security and AI systems, including monitoring, incident response, and threat detection.
- Ensure timely detection and response to security incidents involving AI models, data, and platforms.
- Continuously improve operational processes to enhance resilience and reduce risk exposure.
6. Security Governance, Risk, and Compliance
- Establish Security governance frameworks for its responsible and secure use.
- Ensure compliance with regulatory, legal, and internal security requirements related to AI and data protection.
- Conduct risk assessments and provide security assurance for AI-driven business initiatives.
7. Leadership & Collaboration
- Act as a trusted security advisor to engineering, data science, product, and leadership teams.
- Drive security awareness and best practices across teams working on AI initiatives.
- Mentor security and engineering teams on AI-specific security risks and controls.
- Ensure ISO certifications are maintained for BCP and Information and Cyber Security.
- Review governance controls and prepare the company to comply with the audit controls.
- Review Security and IT compliance reports
- Review and update Information security and BCP policies, IT and Security SOPs, BIA and Crisis plans
- Conduct Cyber & BCP Risk assessment and maintain the Risk register to make sure the level of risk is within the permitted limit and ensure gaps are mitigated within the specified timeline.
- Conduct Cyber maturity assessment and calculate cyber capability index
Requirements
- Minimum 10+ years of experience in Information and Cyber Security, GRC
- Primary Certifications: CISSP and Certification on Security
- Minimum Qualification: Full-time Graduation – B.E./ B.Tech or similar from a reputed institute
- Candidate should be from the BFSI sector, preferably with an AMC, Banking or NBFC background