AI Security Officer

Job Title: AI Security Officer

Job Purpose And Role Summary

Ensure that AI platforms and AI-enabled processing resources are protected through appropriate security controls to prevent unauthorized access, misuse, leakage, disruption, or manipulation, thereby safeguarding business continuity and regulatory compliance.

Key Accountability

• Design, implement, and maintain secure architectures for AI/ML systems across the bank, including model development, deployment, and monitoring environments.
• Develop and maintain AI security standards, policies, and procedures aligned with regulatory, ethical AI, and information security requirements.
• Integrate security-by-design and privacy-by-design principles into AI model lifecycle (data ingestion, training, validation, deployment, and retirement).
• Conduct threat modeling and risk assessments specific to AI systems (e.g., model theft, data poisoning, adversarial attacks, prompt injection).
• Implement controls to protect training data, feature stores, model artifacts, APIs, and inference endpoints.
• Establish mechanisms to detect and mitigate AI-specific threats including adversarial inputs, model inversion, membership inference, and data leakage.
• Ensure secure access control, identity management, and secrets management for AI platforms, pipelines, and tooling.
• Implement continuous security monitoring for AI systems, including model behavior monitoring, drift detection, and anomaly detection.
• Secure integrations between AI systems and core banking systems, third-party platforms, and cloud services.
• Ensure encryption of AI-related data at rest, in transit, and during processing, including secure key management practices.
• Review and validate the security posture of AI frameworks, libraries, and open-source components used by the bank.
• Define and enforce logging, audit trails, and traceability requirements for AI systems to support investigations and regulatory reviews.
• Implement secure MLOps practices, including CI/CD pipeline security, artifact integrity, and environment segregation.
• Ensure compliance with local data protection laws, QCB regulations, and AI governance requirements related to automated decision-making.
• Classify AI data assets and models and ensure secure sharing with third parties, vendors, and regulators with due diligence.
• Support AI security awareness initiatives by providing technical guidance and training to developers, data scientists, and IT teams.
• Proactively report and escalate any AI-related security weaknesses, vulnerabilities, or policy violations.
  
  

Breach Investigation

• Lead and support investigations of AI-related security incidents, including data leakage, model compromise, and unauthorized access.
• Identify root causes, recommend corrective and preventive actions, and support management in disciplinary or legal actions when required.
  
  

Compliance & Reporting

• Prepare technical AI security reports, risk assessments, and control effectiveness documentation as required by management and regulators.
• Assist IT, Compliance, Risk, and Internal Audit teams in assessing the adequacy of AI security and governance controls.
• Provide accurate and timely technical evidence and documentation to internal and external auditors.
• Stay up to date with emerging AI security threats, global best practices, and regulatory developments.
• Maintain strict confidentiality of AI models, data, algorithms, and commercially sensitive information.
• Prepare departmental, technical, and risk reports related to AI security in a timely and accurate manner.
• Ensure adherence to QDB guidelines, SOPs, ethical AI principles, and applicable regulations
  
  

Qualifications /Education

Bachelor’s degree in Artificial Intelligence, Computer Science, Information Technology or any related discipline.

Years Of Experience

Minimum 5 years of experience of which a minimum of 3 years should be in a similar role/position.

Preferred Professional Certificates (if Applicable)

Certified Information Security Professional (CISP)

Skills: ai security,data,sops,algorithms,cisp,departmental,technical,qdb,ai models,risk reports