AI - Internal Technical Security Consultant

Job description

AI – Internal Technical Security Consultant (Senior Manager)

AI is an emerging risk for businesses, and we'd be delighted to read a covering letter around your experiences of de-risking businesses in a landscape where the use of AI is increasing - We know your experience may not come across in just your standard CV.

Team

Security Architecture and Advisory (SAA) is a vital part of KPMG UK Cyber Security, a first line of defence team within the Enterprise-Wide Technology function. The SAA team plays a crucial role in assessing, developing and delivering innovative, secure digital solutions for KPMG, our clients, and audited entities. The SAA team is essential to KPMG’s ability to demonstrate that we are delivering ‘secure by design’ digital solutions, building trust with our business stakeholders, customers, and regulators.

Role

This role is within the Security Architecture Consultancy sub-team, which provides specialist security advice in collaboration with technical and business teams throughout the entire or part of a digital solution’s life cycle. The team owns and develops Security Patterns, Security Specifications, and the Threat Modelling Framework, to support secure technology innovation in a changing threat landscape.

We are seeking a highly motivated and skilled professional in the field of Artificial Intelligence (AI) security. The role will play a key part to help KPMG understand and manage the security risks with AI technologies – be that AI technologies KPMG consume or build ourselves. You will be responsible for providing technical security guidance and expertise to a wide range of stakeholders, ensuring the secure implementation and use of AI within KPMG.

In essence, the AI Technical Security Consultant acts as a bridge between the world of AI and the world of cyber security. They are responsible for ensuring that AI technologies are implemented and used securely, protecting both KPMG and our customers from potential risks.

The role is within an internal security team, with limited external client advisory.

Responsibilities

The AI Technical Security Consultant will:

• Provide technical security guidance and expertise to KPMG internal staff on AI security best practices to protect AI digital solutions, models and data.
• Conduct security assessments of AI solutions and services.
• Contribute to and implement AI security policies and procedures.
• Work closely with other KPMG professionals, including data scientists, cybersecurity experts, and engineers to help with the secure development, build, use and maintenance of AI technology.
• Review the development and training processes of AI models & AI digital solutions to ensure they are secure and compliant.
• Working in conjunction with the Security Testing team, scope AI security testing to validate the robustness and security of AI systems.
• Evaluate and recommend AI security tools and technologies.
• Contribute to the development of new AI security tools and technologies (and roadmaps), collaborating with KPMG's internal engineering teams and Enterprise Security Architecture.
• Share knowledge and expertise within the team and across KPMG to educate staff on AI security risks and mitigation strategies.
• Stay abreast of the rapidly evolving AI landscape, including emerging threats and vulnerabilities.
• Contribute to the development of KPMG's AI security thought leadership – both locally within the UK and across other member firms globally.

Essential Experience

• Bachelor's degree in a relevant field (e.g. Cybersecurity, Data Science, AI)
• Deep understanding of AI technologies, including machine learning, deep learning, and natural language processing.
• Strong understanding of AI security tooling to help with the reduction of risk and governance of AI within an enterprise.
• Hands-on experience and knowledge in securing digital AI products/solutions in the Cloud (e.g. AWS, Azure, and Google).
• Familiarity with Generative AI technology – such as Open AI.
• Familiarity with AI security frameworks, standards and regulatory requirements - such as OWASP AI publications, EU AI Act and ISO 42001.
• Familiarity with the UK Data Protection Act.
• A strong understanding of Cloud, Application, and SaaS security concepts, best practices, and industry standards.
• Demonstrated ability to adapt communication style to explain technical concepts to different audiences within an organization whether advising stakeholders, directing teams, or sharing experience.
• Experience of successfully working in a fast-paced, customer service/regulated environments, delivering high-quality information security services.
• Ability to work independently and as part of a team.
• Ability to remain calm in challenging situations, navigate complex security problems to find the root cause, and achieve a balanced outcome.

Desirable Experience

• Master's degree in a relevant field (e.g. Cybersecurity, Data Science, AI)
• AI-related certifications.
• Experience and knowledge of threat modelling, container/serverless platforms, modern application development processes, infrastructure/network security; security testing, and security tooling (e.g. SIEM, End Point Protection)
• Providing AI Security advice within the Public sector.
• Experience working in an Agile software development environment.
• Proficiency in programming languages relevant to AI security (e.g., Python, Java, C++).

#LI-AR1

#LI-AR1