Senior AI Security Consultant

As the Senior AI Security Consultant for the BusinessSG initiative, you will be the primary security architect guiding our transition to a proactive AI-driven platform. You will be embedded within a 10-man Discovery Squad, working alongside AI engineers and product leads to ensure that autonomous AI workflows—operating via messaging interfaces and a unified data hub—are secure, transparent, and resilient.

Your mission is to ensure every AI action is auditable and non-repudiable, protecting multi-agency data sources while maintaining the highest standards of public trust.

Key Responsibilities

1. Security Architecture & Threat Modeling

• System Design: Lead the design of security guardrails for AI agents to prevent them from taking unauthorized legal or financial actions.

• Threat Modeling: Map out potential risks for autonomous AI, such as users trying to "hijack" the agent's intent or tricking it into accessing data it shouldn't.

• Human-in-the-Loop: Design workflows that ensure high-stakes AI decisions (like grant recommendations) cannot proceed without explicit, authenticated human approval.

1. Reliable Audit & Explainability

• Audit Trails: Build a "Chain of Custody" for AI decisions by logging what the agent "thought," what specific data it retrieved, and which model version was used.

• Reproducibility: Ensure that AI actions are documented well enough to be reconstructed and explained to auditors or stakeholders.

• Data Governance: Ensure the AI only accesses integrated agency data on a strict "need-to-know" basis.

1. Testing & Advanced Privacy (Preferred)

• Security Testing: Conduct proactive testing to find vulnerabilities in how the AI processes instructions or uses external tools.

• Advanced Privacy: Implement specialized privacy technologies to protect sensitive business information within our unified data hub.

Required Competencies & Experience

Experience Profile

• 6–10 years of experience in Cybersecurity, with at least 2–3 years focused on AI/ML systems or securing LLM-based applications.

• Proven track record in Cloud Infrastructure Security, specifically securing serverless compute, API gateways, and cloud-native databases.

Core Technical Foundations

• Agentic System Design: Experience architecting or securing systems where AI moves beyond "chat" to performing actions through APIs.

• LLM Security Foundations: Strong understanding of current LLM/ASI security risks, including prompt injection and data privacy in RAG (Retrieval-Augmented Generation) setups.

• Regulatory Knowledge: In-depth knowledge of Singapore’s public sector security standards, including:

• IM8.

• Model AI Governance Framework.

Strategic & Soft Skills

• Discovery Squad Collaboration: Ability to thrive in a high-velocity "sandbox" environment where you must balance rapid prototyping with security rigor.

• Adversarial Mindset: Ability to anticipate how users might try to "game" the system to gain unfair advantages.

• Risk Communication: Translating complex technical AI risks into clear, actionable advice for senior leadership.

Preferred Qualifications

• Experience with Policy-as-Code or logic-based authorization systems (e.g., ABAC).

• Knowledge in Digital Forensics or building immutable logging architectures.

• Skills & Tags

  gorustaidataproductdesign