Close jobs in DarlingtonCreate job alerts

The Role In this role, you will lead the design, development, and execution of our most complex and high-impact AI and data-driven security initiatives across the organisation. You will define the strategic direction for AI and data security architecture, owning the roadmap that ensures our systems and models are secure, resilient, and compliant by design. As a key technical leader, you will drive the adoption of modern security practices throughout the AI/ML development lifecycle—embedding security into data pipelines, model training workflows, infrastructure, APIs, CI/CD pipelines, and cloud-native platforms. You will work closely with engineering, MLOps, and product teams to ensure that models and data systems are built securely and scale effectively in a rapidly evolving threat landscape. You will also oversee the design and integration of enterprise-grade security and privacy controls across AI platforms, cloud environments, and data architecture—ensuring alignment with compliance frameworks (e.g., GDPR, ISO 27001, NIST AI RMF) and ethical AI principles. Collaborating cross-functionally with Engineering, DevOps, Data, Compliance, and Architecture teams, you’ll champion automation, threat modelling, privacy-by-design, and security-by-default across our AI and data ecosystem. This is a pivotal role that blends deep technical expertise with strategic foresight, empowering teams, strengthening our security posture, and shaping the future of trustworthy, secure AI innovation at scale. About Us At ZOG Global, we don’t just provide IT solutions, we build secure, intelligent, and scalable digital ecosystems. As a leading IT consultancy services in the UK, specialising in cybersecurity, automation, and software development, we help businesses stay competitive and secure. Our expertise spans advanced cybersecurity solutions, advanced AI-driven automation, and next-gen software development, ensuring our clients have the tools to innovate fearlessly while staying secure. At ZOG Global, we foster a culture of innovation, collaboration, and continuous learning, where every team member plays a crucial role in shaping the future of secure technology. Join us to work on challenging, high-impact projects, collaborate with some of the brightest minds in the industry, and drive security innovation at scale! Key Responsibilities • Secure AI/ML workloads running on cloud-native platforms such as SageMaker, Azure ML, Vertex AI, and custom Kubernetes-based training clusters. • Design isolation strategies and access controls for GPU-enabled instances, model endpoints, and distributed training environments. • Assess cloud-hosted AI services and APIs for misconfigurations, data leakage, and privilege escalation risks. • Ensure adherence to AI-specific regulatory frameworks (e.g., EU AI Act, NIST AI RMF, ISO/IEC 42001) and responsible AI principles. • Contribute to the development of internal AI governance policies covering model transparency, fairness, and accountability. • Collaborate with legal, compliance, and data teams to assess ethical risks and implement guardrails for generative AI usage. • Design secure data pipelines and storage architectures that support privacy-preserving AI workflows and model training at scale. • Implement differential privacy, encryption-at-rest/in-transit, and federated learning where applicable to protect sensitive training data. • Evaluate and secure third-party datasets, embeddings, and model artefacts integrated into enterprise AI solutions. • Collaborate with data architect and analysts to assess model explainability, adversarial robustness, and model inversion risks. • Architect end-to-end AI/ML platforms with security-by-design principles, from data ingestion to inference. • Define secure model-serving architectures, including API protection, input validation, and rate-limiting mechanisms. • Support the design of scalable LLM and vector database infrastructure with appropriate access controls and logging. • Promote security standards for AI model reuse, supply chain integrity (e.g., ML model provenance), and open-source model vetting. • Embed security into CI/CD pipelines using automated security tools. • Develop and deploy security-as-code solutions for cloud and container environments. • Automate security compliance checks, vulnerability scanning, and incident response workflows. • Secure cloud-native applications, Kubernetes clusters, and serverless environments. • Perform security assessments, threat modeling, and risk mitigation strategies. • Ensure adherence to industry security frameworks (e.g., NIST, ISO 27001, CIS, SOC 2). • Define security policies, best practices, and threat mitigation strategies. • Drive security awareness and DevSecOps culture across teams. What We’re Looking For • 6+ years of experience in cybersecurity, including 3+ years in DevSecOps, Application Security, Cloud Security, or Security Architecture roles, ideally with exposure to data-driven or AI/ML environments in enterprise or consultancy settings. • Professional certifications that demonstrate depth and breadth in cloud and security domains (e.g., CISSP, CCSP, SC-100, OSCP, AWS Security Specialty, or DevSecOps certifications). • Strong understanding of AI/ML security principles, including model integrity, data lineage, adversarial threat mitigation, input validation, and governance of generative AI systems in line with emerging AI regulations and privacy standards. • Demonstrated ability to embed security into CI/CD and MLOps pipelines, driving DevSecOps automation using Infrastructure as Code (IaC) and security-as-code practices. • Hands-on experience with security testing frameworks, including SAST, DAST, SCA, fuzz testing, and API security validation, using industry-standard tools and custom automation workflows. • Strong command of cloud platforms (AWS, Azure, GCP), including AI/ML services, Kubernetes, serverless architectures, and container security tooling. • Skilled in automating security controls and infrastructure compliance using tools (Terraform, Ansible, Jenkins, GitHub Actions, or similar). • Deep understanding of SIEM, SOAR, IAM, and cloud-native monitoring for real-time detection, incident response, and compliance reporting. • Proficient in scripting and automation using Python, Bash, Go, or similar languages to build scalable, repeatable security workflows. • Familiarity with key security and compliance frameworks, including MITRE ATT&CK, NIST CSF, OWASP SAMM, CVSS, STRIDE, PCI-DSS, GDPR, and emerging AI-specific standards (e.g., NIST AI RMF, ISO/IEC 42001). • Experience in data and AI security architecture, including data classification, secure data lakes, model provenance, encryption, key management, and regulatory compliance across hybrid cloud ecosystems. • Ability to design secure, scalable microservices and model-serving architectures, advocate for Zero Trust principles, and drive secure API and identity integration across enterprise environments. • Strong collaborator with experience leading cross-functional security initiatives, participating in vendor/tool evaluations, and aligning architecture with governance requirements. • Effective communicator who can translate complex security and AI risk topics into actionable guidance, foster DevSecOps and MLOps culture, and advocate for security best practices across technical and business teams. • Deep understanding of data security, governance, and compliance in cloud environments. • Experience in compliance processes, interfacing with external consultants, and handling customer security requirements. • Ability to solve highly complex security challenges intuitively and effectively. If you live and breathe AI and application security, can navigate complex systems, crave learning new things, and would like your work to have positive impact on all our initiatives, then this role is for you.