Director – Cybersecurity & AI
Infosys · Bengaluru, Karnataka, India
Infosys · Bengaluru, Karnataka, India
**Director – Cybersecurity & AI** **Role Overview** We are seeking a **Director – Cybersecurity & AI** to lead enterprise-wide strategy, architecture, and execution for securing AI/GenAI platforms, data, and applications. This role sits at the intersection of **cybersecurity, AI/ML, and cloud** , driving secure adoption of AI technologies while strengthening overall security posture. The Director will partner with **engineering, data science, product, risk, and executive leadership** to ensure all AI initiatives are **secure, compliant, and resilient against evolving threats** . **Key Responsibilities** **1. Strategy & Leadership** - Define and execute enterprise **Cyber + AI Security strategy and roadmap** - Lead **AI security governance, risk, and compliance frameworks** - Align security initiatives with **business, regulatory, and responsible AI goals** - Build and lead high-performing teams across **AI security, cloud security, and AppSec** - Partner with CISO, CTO, and AI leadership to embed **Secure-by-Design principles** Cybersecurity directors typically lead enterprise-wide security programs including risk, compliance, and architecture aligned with business strategy **2. AI / GenAI Security Architecture** - Define secure architectures for: - LLM / GenAI platforms (RAG, agents, copilots) - AI data pipelines & model lifecycle - AI-powered applications and APIs - Establish controls for: - Prompt injection, data leakage, model abuse - Model integrity, privacy, and adversarial attacks - Drive **identity, access, and least-privilege controls for AI systems** Highlight threat modeling for AI risks like prompt injection, model abuse, and data leakage **3. Secure AI Development & DevSecOps** - Embed security into **AI/ML lifecycle (MLSecOps / DevSecOps)** - Define standards for: - Secure coding for AI systems - Model validation and monitoring - AI observability and auditability - Integrate security into **CI/CD pipelines and AI platforms** **4. Threat Intelligence & Incident Response (AI-first)** - Build capabilities for **AI-aware threat detection and response** - Lead security operations for: - AI-enabled cyber threats - Advanced malware, deepfakes, and automated attacks - Establish **AI SOC / AI threat monitoring frameworks** AI is increasingly used to automate threat detection and incident response, requiring advanced monitoring and response capabilities **5. Risk, Compliance & Governance** - Drive compliance with: - ISO 27001, NIST, SOC2, GDPR, emerging AI regulations - Implement **AI risk management frameworks (e.g., NIST AI RMF)** - Ensure **ethical AI practices, explainability, and accountability** - Lead third-party and vendor AI risk assessments **6. Cross-Functional & Executive Influence** - Partner with: - Data Science, Engineering, Product, Legal, Risk - Act as a **trusted advisor to executive leadership** - Drive enterprise-wide **security culture and awareness** **Required Qualifications** **Experience** - 15+ years in **Cybersecurity / Information Security** - 5+ years in **leadership roles (Director / Sr Leader)** - Strong exposure to **AI/ML systems, GenAI, or data platforms** **Technical Expertise** - Cybersecurity domains: - AppSec, Cloud Security, IAM, Threat Detection, SOC - AI/ML domains: - LLMs, GenAI, ML pipelines, RAG architectures - Security tools: - SIEM, SOAR, SAST/DAST, Cloud security platforms - Knowledge of AI threats: - Adversarial ML, prompt injection, model poisoning