Job Description
As the Senior AI Security Consultant for the BusinessSG initiative, you will be the primary security architect guiding our transition to a proactive AI-driven platform. You will be embedded within a 10-man Discovery Squad, working alongside AI engineers and product leads to ensure that autonomous AI workflows—operating via messaging interfaces and a unified data hub—are secure, transparent, and resilient.
Your mission is to ensure every AI action is auditable and non-repudiable, protecting multi-agency data sources while maintaining the highest standards of public trust.
Key Responsibilities
- Security Architecture & Threat Modeling
  - System Design: Lead the design of security guardrails for AI agents to prevent them from taking unauthorized legal or financial actions.
  - Threat Modeling: Map out potential risks for autonomous AI, such as users trying to "hijack" the agent's intent or tricking it into accessing data it shouldn't.
  - Human-in-the-Loop: Design workflows that ensure high-stakes AI decisions (like grant recommendations) cannot proceed without explicit, authenticated human approval.
- Reliable Audit & Explainability
  - Audit Trails: Build a "Chain of Custody" for AI decisions by logging what the agent "thought," what specific data it retrieved, and which model version was used.
  - Reproducibility: Ensure that AI actions are documented well enough to be reconstructed and explained to auditors or stakeholders.
  - Data Governance: Ensure the AI only accesses integrated agency data on a strict "need-to-know" basis.
- Testing & Advanced Privacy (Preferred)
  - Security Testing: Conduct proactive testing to find vulnerabilities in how the AI processes instructions or uses external tools.
  - Advanced Privacy: Implement specialized privacy technologies to protect sensitive business information within our unified data hub.
Required Competencies & Experience
Experience Profile
- 6–10 years of experience in Cybersecurity, with at least 2–3 years focused on AI/ML systems or securing LLM-based applications.
- Proven track record in Cloud Infrastructure Security, specifically securing serverless compute, API gateways, and cloud-native databases.
Core Technical Foundations
- Agentic System Design: Experience architecting or securing systems where AI moves beyond "chat" to performing actions through APIs.
- LLM Security Foundations: Strong understanding of current LLM/ASI security risks, including prompt injection and data privacy in RAG (Retrieval-Augmented Generation) setups.
- Regulatory Knowledge: In-depth knowledge of Singapore’s public sector security standards, including:
  - IM8
  - Model AI Governance Framework
Strategic & Soft Skills
- Discovery Squad Collaboration: Ability to thrive in a high-velocity "sandbox" environment where you must balance rapid prototyping with security rigor.
- Adversarial Mindset: Ability to anticipate how users might try to "game" the system to gain unfair advantages.
- Risk Communication: Translating complex technical AI risks into clear, actionable advice for senior leadership.
Preferred Qualifications
- Experience with Policy-as-Code or logic-based authorization systems (e.g., ABAC).
- Knowledge of Digital Forensics or building immutable logging architectures.
- Prior experience in a Public Sector or "Smart Nation" project context.
Why this role?
This is a unique opportunity to join a specialized squad at the ground floor of agentic AI adoption in government. You will move from defending static applications to securing autonomous intelligence that directly impacts the Singapore business community.