Information Security Manager (D)
Ovations Talent Sourcing
This is a 6 – month contract with our client in the Fintech industry
In this role, you will help design and operate robust AI security controls, standards, and assurance activities across GenAI, classical ML, data pipelines, and AI-enabled products.
What You'll Do (Key Performance Areas)
- AI Security Governance: Support the Fintech AI security mandate; embed BRAIN policy requirements into product gates and coordinate controls across Risk, Legal, Privacy, and Procurement.
- Strategy & Architecture: Implement security standards aligned with cloud reference architectures, Zero Trust, secure SDLC, and IAM across MLOps stacks and model-serving patterns.
- Generative AI & LLM Security: Operationalize BRAIN policy guardrails, including prompt security, input/output filtering, data loss prevention (DLP), and secure LLM architecture patterns.
- Adversarial ML Defence & Red Teaming: Conduct threat modelling, adversarial robustness testing (poisoning, evasion, prompt injection), and execute AI red-teaming exercises.
- Secure MLOps & Data Security: Enforce CI/CD security for models, hardened model registries, signed/attested models, and protect training datasets from data leakage.
- Monitoring & Incident Response: Integrate AI platforms with the enterprise SIEM/SOC and extend cyber incident-response playbooks to handle compromised models and behavioural drift.
- Compliance & Frameworks: Map controls to POPIA, GDPR, ISO/IEC 27001, ISO/IEC 42001 (AI), and the NIST AI RMF.
What You Bring
- Education: Bachelor's degree in Computer Science, Engineering, Mathematics, or a related field (Honours advantageous).
- Certifications: CISSP, CCSP, or specialized Cloud AI/ML engineering credentials.
- Experience: 5+ years in cybersecurity/platform security, including 2–3+ years specifically securing AI/ML platforms, GenAI/LLM ecosystems, or enterprise data analytics.
- Environment: Experience in complex, multi-country enterprise environments (preferably Telco or Fintech) with hands-on exposure to cloud-native AI stacks (specifically Azure) and MLOps toolchains.
- Core Competencies: Expert-level understanding of threat modelling, LLM guardrails, data privacy, and cross-functional stakeholder management.