Reporting to: Group Director of Information Security
Team: Information Security
Location: Hybrid
Role Purpose
To own AI security and risk at Citation Group: getting deep into how AI systems, integrations, and agentic workflows are built, connected, and exposed, and ensuring that what gets deployed is safe, understood, and controlled.
The successful candidate will have genuine technical curiosity about how AI systems work under the hood, the security instinct to identify what could go wrong, and the confidence to act on their findings with senior stakeholders.
This role sits at the frontier of an emerging discipline. It will suit someone who thrives on the pace of change, and who wants to build deep expertise in AI security as the field develops.
Key Responsibilities
* Lead and perform security and risk assessments across all AI use cases, including new tools, workflows, agentic systems, and platform integrations, assessing each against the company's risk framework. Risk assessing AI integrations requires technical depth and will form the core of the role.
* Develop and maintain a deep working understanding of how MCP servers, API connections, permission scopes, and agentic frameworks function in practice, and what each means for data exposure, privilege escalation, and system integrity.
* Assess the attack surface introduced by AI integrations, including prompt injection vectors, tool misuse in agentic pipelines, and unintended data flows across connected systems.
* Work from minimal information provided by requesters, proactively identifying the right questions to ask and the right evidence to seek, to produce actionable, proportionate risk assessments.
* Read and interrogate vendor security documentation, API specifications, and integration architecture diagrams independently, without reliance on the requester to interpret them.
* Manage identified risks through to treatment, working with relevant teams to design and implement controls.
LLM & Agentic Security
* Assess the specific risks introduced by large language models and agentic AI systems, including prompt injection, jailbreaking, indirect prompt injection via external data sources, and unintended tool invocation.
* Evaluate agentic workflows for excessive permissions, insufficient human oversight, and potential for uncontrolled action chains.
* Stay current with the evolving LLM and agentic threat landscape, bringing emerging attack patterns into the risk assessment process as they develop.
AI Asset Management & Shadow AI
* Maintain an accurate and current AI asset register, with clear visibility of what is deployed across the group, by whom, and for what purpose.
* Proactively identify shadow AI deployments and ungoverned integrations using available tooling and assess the risks they present.
* Recognise that the risk profile of deployed tools can change as vendors release updates and new capabilities, and ensure all new risks are reviewed and treated.
Service Transition
* Include operational readiness as a component of AI risk assessment, ensuring that the continued support, maintenance, monitoring, and ownership of new AI solutions are considered before deployment.
* Work with the AI team and IT Service Desk to ensure AI security and risk considerations are factored into service transition planning.
AI Governance
* Serve as the subject matter expert on AI security and risk within the AI Governance Committee, providing technical input and challenge to ensure decisions are grounded in an accurate understanding of risk.
* Translate technical findings into clear, actionable guidance that non-technical stakeholders can act on.
* Contribute to the AI policy, ensuring it reflects the current threat and integration landscape rather than theoretical risk.
* Support the translation of regulatory developments, including the EU AI Act, ICO guidance, and ISO 42001, into practical governance actions.
Required Experience and Skills
* Technical Security Background: A solid technical foundation with hands‑on experience assessing the security of systems, integrations, and APIs. Comfortable reading API documentation, vendor security disclosures, and integration architecture diagrams independently. Able to identify and articulate risks that requesters have not considered.
* AI & Agentic Systems Knowledge: A working understanding of how LLMs, agentic AI, MCP servers, and AI integration patterns function, and the security risks they introduce, including prompt injection, tool misuse, data leakage, permissions that exceed what the integration requires, and unintended agentic behaviour.
* Risk Experience: Demonstrable experience assessing and managing technology risks involving new tools and integrations, ideally including AI integration scenarios involving critical business systems.
* Ownership Mindset: A completer finisher who doesn't just identify risk but drives it to resolution, whether that means designing a control, working with a vendor, or building the process from scratch. Works with minimal supervision and does not leave security and risk tasks half done.
* Regulatory Awareness: Working knowledge of the emerging AI regulatory landscape, including the EU AI Act and ISO 42001, and the ability to translate requirements into practical actions.
* Adaptability: Comfortable operating in a fast‑moving and unpredictable landscape where the technology, risks, and the regulatory environment are all evolving simultaneously. This role would suit someone moving from a cloud security, application security, or technical risk background who has a genuine passion for AI and wants to build expertise at the frontier of the discipline.