Job Posting AI Security Manager

At JTI we celebrate differences and everyone truly belongs. 46000 people from all over the world are continuously building their unique success story with us. 83% of employees feel happy working at JTI.

To make a difference with us all you need to do is bring your human best.

What will your story be Apply now!

Learn more:

Please apply by 4th of June

Department:Information Security & Risk Management

Position: AI Security Manager

Location:Madrid Spain
Contract Type:Local Permanent

AI Security Manager

Purpose:

The AI Security Manager is responsible for ensuring that all AI systems are secure resilient and compliant with regulatory and internal risk standards. The role establishes and enforces controls across the AI lifecycle to prevent misuse protect data and model integrity and manage emerging AI-specific risks.
Acting as the bridge between security risk and AI & Innovation teams the AI Security Manager ensures that AI capabilities are deployed safely monitored effectively and governed in line with enterprise risk appetite. This includes embedding security into design maintaining oversight of AI-related threats and ensuring readiness to respond to incidents that impact AI systems or their outputs

Responsibilities :

1. Governance Risk & Compliance
   Define AI security policies aligned with standards such as NIST AI Risk Management Framework and ISO guidelines
   Conduct AI risk assessments including ethical legal and privacy considerations
   Ensure compliance with evolving regulations (e.g. EU AI Act data protection laws)
   Maintain audit trails and documentation for AI system decisions and controls
2. AI Security Architecture & Controls
   Define and implement security controls across the AI/ML lifecycle (data ingestion model training deployment and inference).
   Partner with AI and Innovation engineers to embed secure-by-design principles (e.g. model hardening secure APIs access
   controls)
   Evaluate and mitigate risks such as model inversion data poisoning and adversarial attacks.
   Establish secure AI/ MLOps practices including model versioning integrity validation and pipeline security
3. Threat & Vulnerability Management for AI Systems
   Develop threat models specific to AI systems including LLMs recommendation engines and predictive models.
   Continuously assess vulnerabilities in models datasets and dependencies
   Lead red-teaming exercises focused on adversarial AI and abuse scenarios (prompt injection model extraction).
   Monitor emerging AI-specific threats and incorporate them into security posture

Requirements :

• Bachelors or Masters degree in Cybersecurity Computer Science Information Security Data Science or a
  related discipline
  Advanced certifications in security or risk management are preferred (e.g. CISSP CISM CRISC)
  Additional exposure to AI/ML (formal coursework or certifications) is highly desirable
• 710 years of experience in cybersecurity information security or technology risk management.
  Proven experience in governance risk and compliance (GRC) and/or security architecture roles
  Hands-on exposure to AI/ML systems data platforms or advanced analytics environments
  Experience implementing or aligning with security frameworks (e.g. NIST ISO 27001).
  Demonstrated involvement in incident response threat modeling or resilience planning.
  Experience working cross-functionally with technology engineering data science and legal/compliance teams
• Fluent English written & spoken
• Strong understanding of AI/ML concepts including the full model lifecycle and MLOps practices alongside
  knowledge of AI-specific threats such as adversarial attacks prompt injection and model leakage. Familiar with
  cloud security APIs and data protection in distributed environments
  Able to design and implement risk-based control frameworks for emerging technologies with experience
  conducting risk assessments and translating technical risks into clear business impact and a solid grasp of the
  regulatory landscape affecting AI and data usage
  Capable of integrating AI systems into enterprise resilience and incident response frameworks including defining
  monitoring alerting and response mechanisms for complex environments
  Strong stakeholder management across technical and non-technical teams with the ability to challenge
  constructively and enforce standards where needed combined with clear communication skills to articulate risk
  trade-offs and control effectiveness

Are you ready to join us Build your success story at JTI. Apply now!

Next Steps:

After applying if selected please anticipate the following within 1-3 weeks of the job posting closure: Phone screening with Talent Advisor > Assessment tests > Interviews > Offer. Each step is eliminatory and may vary by role type.

At JTI we strive to create a diverse and inclusive work environment. As an equal-opportunity employer we welcome applicants from all backgrounds. If you need any specific support alternative formats or have other access requirements please let us know.