Senior Consultant – AI Security Service Management - Support for AI risk assessments, model scanning, red teaming, and runtime protection initiatives 10

Senior Consultant - AI Security Service Management

12 months

Hybrid Tuesdays / Every 4th Friday

Office Location: 81 Bay st 17th floor

The Security Service Management (SSM) function within Cyber Security ensures that all AI and Agentic AI applications across the enterprise are protected by appropriate security controls in accordance with the Enterprise AI Framework. The team develops, operationalizes, and continuously improves AI security services to identify risks, enforce remediation, ensure regulatory readiness, and enable responsible AI innovation across the bank.

New funding approved to support the rollout of AI and Agentic AI security tools. Additional resourcing is required to support automation, documentation, operationalization, and integration of AI security controls across the enterprise.

Responsibilities:

The Senior Consultant, AI Security Service Management will support enterprise AI security initiatives by evaluating and integrating AI security technologies, developing automation and operational processes, and ensuring AI applications meet regulatory and governance requirements.

The role partners closely with engineering, risk, governance, and security teams to identify and mitigate AI-related risks, operationalize security controls, and continuously improve AI security services.

Responsibilities include vendor evaluations and PoCs, automation of security workflows, documentation of operational processes, AI risk assessments, reporting, and contributing to enterprise AI security standards.

Must Have Requirement:

8+ Years experience Information Security / Cyber Security

2-3+ years of experience specifically in AI Security, AI Risk, or Security in AI/ML environments

Extensive hands-on experience with automation, including:

• Ansible or other open-source automation frameworks/tools

• Proven experience deploying and maintaining automation (not just exposure)

Experience integrating multiple security tools and automating security workflows

Working knowledge of AI/ML concepts (e.g., generative AI, agentic AI, model lifecycle)

Experience operating in regulated environments (financial services preferred)

Ability to create operational documentation (playbooks, procedures, workflows)

Hands-on scripting or automation experience (e.g., Python, Bash, YAML)

Experience working with security vendors and validating tool capabilities

Strong understanding of security controls, risk assessment, and remediation tracking

Ability to translate technical risk into clear documentation and reporting

Nice to Have:

CISSP

CISM

AAISM

Experience with:

NIST AI Risk Management Framework (AI RMF)

ISO/IEC AI standards (e.g., 23894, 42001)

ServiceNow (catalogue, workflows, or integrations)

AI governance, ethics, or model risk management