AI Security Architect

Role: AI Security Architect
Location: Reading, UK
Duration: Contract - Inside IR35

Job Description:
Your responsibilities:

• Develop and implement comprehensive AI/ML security strategies, policies, standards and guidelines to protect organizational assets and ensure the secure operation of AI and ML systems.
• Develop and own robust enterprise security architecture for AI/ML systems, CI/CD and data pipelines.
• Participate in enterprise-wide architecture initiatives for AI/ML. Understand the workflow and pipeline architectures of ML and deep learning workloads.
• Conduct security risk assessments and threat modelling for AI/ML and other business projects performed thorough design reviews and security assessments of architectures and designs, identifying vulnerabilities, threats, and risks, and providing recommendations for effective mitigation measures for common attack vectors and threats.
• Support the testing of AI/ML models, LLM and development of trustworthiness, safety, fairness, bias and inappropriateness detection, as well as adversarial test specification, development, and execution.
• Collaborate with data scientists, engineers, and other stakeholders to embed security controls and measures into AI/ML applications, models, algorithms, and data pipelines.
• Define and enforce robust access controls, authentication mechanisms, and encryption standards to safeguard AI/ML systems, training data, provenance, and any sensitive data.
• Stay abreast of emerging AI security threats, trends, and technologies, evaluating their impact and proactively adapting security measures to mitigate potential risks.
• Provide technical guidance and support to cross-functional teams during the design, development, and deployment of AI/ML systems, ensuring security considerations are properly addressed.
• Conduct regular training sessions and awareness programs to educate stakeholders on AI/ML security best practices, policies, and procedures.
• Collaborate closely with the IT security team to ensure AI/ML systems comply with relevant regulatory requirements and industry standards, such as the EU AI Act, NIST AI RMF, the Digital Services Act, the Digital Markets Act, GDPR and ISO 27001.
• Work alongside incident response teams to investigate and respond to security incidents and breaches involving AI/ML systems, implementing remedial actions and preventative measures.
• Evaluate and recommend appropriate security tools, technologies, and frameworks to enhance the overall security posture of AI/ML and other business systems.
• Develop and maintain relationships between data scientists, data engineers, developers, operations (DevOps, DataOps, MLOps) and business unit leaders to govern and support scalability of the ML and AI initiatives.

Your Profile
Essential skills/knowledge/experience:

• Solid experience as a Security Architect, with a focus on AI/ML security, demonstrating a deep understanding of AI technologies, algorithms, models, and frameworks.
• Extensive knowledge of security principles, best practices, and standards within the context of AI/ML systems.
• Previous hands-on experience as developer, programmer or data scientist would be preferred.
• Proficiency in programming languages commonly used in AI/ML, such as Python, R, C, C++, or Java, and their associated security considerations.
• Previous experience with ML, LLM, deep learning and data manipulation techniques, libraries, and frameworks such as TensorFlow, PyTorch, Jax, and scikit-learn is desirable.
• Experience in implementing secure coding practices, DevOps, CI/CD pipelines and familiarity with secure software development life cycle (SDLC) methodologies.
• Strong understanding of modern software engineering, cloud services and DevOps, including knowledge of DevOps workflows and tools, such as Git, containers, Kubernetes and CI/CD orchestration tools.
• Strong understanding of common security vulnerabilities and threats specific to AI/ML, including adversarial attacks, prompt injection, data poisoning and the MITRE ATLAS framework.
• Hands on experience using security assessment and threat modelling tools and techniques to evaluate AI/ML systems and identify potential security weaknesses.
• Familiarity with current and emerging regulations and standards, such as the EU AI Act, the Digital Services Act, the Digital Markets Act, GDPR and ISO 27001, and their implications for AI/ML security, data protection and privacy.
• Proven track record in designing and implementing security controls, access management, and encryption solutions for AI/ML systems.
• Excellent analytical and problem-solving skills, with the ability to assess complex security risks and develop effective mitigation strategies.
• Outstanding communication and collaboration skills, enabling you to effectively convey technical concepts to both technical and non-technical stakeholders.