AI Security and Controls Subject Matter Expert

Currently, we are looking for talented resources for one of our listed clients. If interested please reply to me with your updated resume or feel free to reach out to me for more details at



Hybrid role - 3 days Onsite and 2 days Remote



Job Description:

• We're seeking someone to join our team as a Full time Consultant to work in the technology audit team, within Internal Audit, to manage/execute risk based assurance activities for Firm's use of GenAI or Artificial Intelligence in general.
• Internal Audit
• The Internal Audit Department (IAD) reports directly to the Board Audit Committee, and is an objective and independent function within Client's risk management framework.
• IAD assists senior management and the Audit Committee of the Board (BAC) in the effective discharge of their legal, fiduciary and oversight responsibilities.
• Comprises over 400 employees globally. IAD is responsible for providing independent assurance on the quality and effectiveness of Client's system of internal control, including risk management and governance systems and processes.
• IAD also serves as an objective and independent function within the Firm's risk management framework to foster continual improvement of risk management processes by identifying and assessing operating risks, and evaluating the adequacy and effectiveness of the Firm's related internal controls.
• Based on these activities, IAD develops an independent and informed view of the risks faced by Client and the effectiveness of the risk management processes employed to manage them. In doing so, we help drive Firm resources to vulnerabilities.

What you'll do in the role:

• Conduct Model Audits: Execute a wide range of assurance activities focused on the controls, governance, and risk management of generative AI models used within the organisation.
• Model Security & Privacy Reviews: Review and assess privacy controls, data protection measures, and security protocols applied to AI models, including data handling, access management, and compliance with regulatory standards.
• Familiarity with GenAI Model: Good understanding of current and upcoming GenAI models.
• Adopt New Audit Tools: Stay current with and implement new audit tools and techniques relevant to AI/ML systems, including model interpretability, fairness, and robustness assessment tools.
• Risk Communication: Develop clear and concise messages regarding risks and business impact related to AI models, including model bias, drift, and security vulnerabilities.
• Data-Driven Analysis: Identify, collect, and analyse data relevant to model performance, privacy, and security, leveraging both structured and unstructured sources.
• Control Testing: Test controls over AI model development, deployment, monitoring, and lifecycle management, including data lineage, model versioning, and access controls.
• Issue Identification: Identify control gaps and open risks, raise insightful questions to identify root causes and business impact, and draw appropriate conclusions.

What you'll bring to the role:

• Experience: At least 3-4 years' relevant experience in technology audit, AI/ML, data privacy, or information security.
• Auditt Knowledge: Understanding of audit principles, tools, and processes (risk assessments, planning, testing, reporting, and continuous monitoring), with a focus on AI/ML systems.
• Communication: Ability to communicate clearly and concisely, adapting messages for technical and non-technical audiences.
• Analytical Skills: Ability to identify patterns, anomalies, and risks in model behaviour and data.
• Education: Master's or bachelor's degree (Computer Science, Data Science, Information Security, or related field preferred).
• Certifications: CISA, CISSP, or relevant AI/ML certifications (preferred, not required).

Technical Knowledge:

Strong understanding of:

• AI/ML model development and deployment processes.
• Model interpretability, fairness, and robustness concepts.
• Privacy frameworks (e.g., GDPR, CCPA).
• Security standards (e.g., NIST, ISO 27001/02).
• Data governance and protection practices.

About us:

At our organization, we take our mission and values to heart! We are on a mission to offer more and better jobs all over the world! Our goal is to care for you while you care for our clients and get you paid the highest pay possible. All our associates working with us are expected to embrace our RACE values: R - Results Matter, A- Approachable, C - Care, and E - Emergency i.e. work with a sense of urgency.



For more relevant job opportunities please visit our website: