AVP - Application Security

Job Purpose

The person will be responsible to maintain Governance, Risk and Compliance (GRC) - Information and Cyber Security and BCP of the company.

Roles and Responsibilities

Ensure compliance to SEBI and regulatory circulars and requirements released time to time.

1. AI Security by Design

• Implement security controls for AI/ML models, data pipelines, and platforms starting from inception.
• Define and enforce secure architecture patterns for AI systems, including model training, inference, and deployment environments.
• Identify and mitigate AI-specific risks such as model poisoning, data leakage, adversarial attacks, and model misuse.

2. Secure AI Lifecycle & DevSecOps

• Embed security within the AI development lifecycle (AI SDLC), integrating security checks into CI/CD pipelines.
• Collaborate with engineering and data science teams to implement DevSecOps practices for AI workloads.
• Automate security testing, vulnerability management, and compliance checks for AI models and supporting infrastructure.

3. Security Strategy & Architecture

• Develop and execute enterprise-level AI security strategy and roadmap aligned with business objectives.
• Define standards, policies, and reference architectures for secure AI adoption.
• Evaluate and onboard new AI technologies, tools, and platforms with a security-first approach.

4. Implementation of New Security Projects

• Lead the implementation of security projects including AI security initiatives, tooling for AI visibility, monitoring, and risk management.
• Drive proof-of-concepts and production rollouts of new security capabilities for AI and cloud-native environments.
• Partner with vendors and internal stakeholders to ensure successful delivery of security projects.

5. Security Operations

• Oversee day-to-day security operations related to Cyber Security and AI systems, including monitoring, incident response, and threat detection.
• Ensure timely detection and response to security incidents involving AI models, data, and platforms.
• Continuously improve operational processes to enhance resilience and reduce risk exposure.

6. Security Governance, Risk, and Compliance

• Establish Security governance frameworks for its responsible and secure use.
• Ensure compliance with regulatory, legal, and internal security requirements related to AI and data protection.
• Conduct risk assessments and provide security assurance for AI-driven business initiatives.

7. Leadership & Collaboration

• Act as a trusted security advisor to engineering, data science, product, and leadership teams.
• Drive security awareness and best practices across teams working on AI initiatives.
• Mentor security and engineering teams on AI-specific security risks and controls.
• Ensure ISO certifications are maintained for BCP and information and Cyber security.
• To review governance controls and prepare the company to comply to the audit controls.
• Review Security and IT compliance reports
• Review and update Information security and BCP policies, IT and Security SOPs, BIA and Crisis plans
• Conduct Cyber & BCP Risk assessment and maintain Risk register to make sure the level of risk is within permitted limit and ensure gaps are mitigated within specified timeline.
• Conduct Cyber maturity assessment and calculate cyber capability index

Requirements

• Minimum 10+ years of experience in Information and Cyber Security, GRC
• Primary Certifications: CISSP and Certification on Security
• Minimum Qualification: Full-time Graduation B.E./ B.Tech or similar from a reputed institute
• Candidate should be from BFSI sector preferably AMCs, Banking or NBFC background