Develop, implement, and oversee comprehensive risk management programs for AI security, ensuring alignment with the firm's overall risk appetite and regulatory requirements.
Lead risk assessments, audits, and vulnerability tests on our AI systems to identify potential risks and propose mitigation strategies.
Stay abreast of the latest developments in AI security, ensuring our systems and protocols are up-to-date and compliant with industry standards.
Provide leadership and guidance to staff on best practices for AI security, fostering a culture of security awareness across the organization.
Prepare regular risk and control reports focusing on AI security for senior management, highlighting key audit, risks and control issues.
Monitor and report on the effectiveness of technology, information and cybersecurity risk controls, identifying any control weaknesses and recommending improvements.
Coordinate with second and third-line risk functions to ensure a unified approach to audit & risk management.
What qualifications or skills should you possess in this role
Bachelor's Degree in Information Technology, Computer Science, Engineering or equivalent
Minimum of 10 years of relevant experience in IT risk management involving Information, Technology and Cyber Security risk, with a significant focus on AI security
Demonstrated expertise in AI security, including understanding of machine learning algorithms, data protection, privacy considerations, and adversarial attack strategies
Experience in implementing AI security measures, such as robustness testing, adversarial training, and federated learning
Familiarity with AI ethics and regulatory considerations, including GDPR, CCPA, and other relevant data protection regulations pertaining to AI
Strong influencing, problem solving, analytical and interpersonal skills
Experience in organization IT risk appetite and key risk indicator management, monthly data driven report generation and presentation to senior management, and independent assessment of incident root cause analysis will be required
Knowledge of the Banking Act MAS Technology Risk Management Guidelines, MAS Notice 644, MAS 655, Information Security Policy, Cyber Security Act, MAS Outsourcing Guidelines etc. will be advantageous
Possession of professional qualifications e.g. CISA, CRISC will be advantageous
Skills & Requirements
Technical Skills
Ai securityMachine learning algorithmsData protectionPrivacy considerationsAdversarial attack strategiesInfluencingProblem solvingAnalyticalInterpersonalCisaCriscFinanceRisk managementAi