Solve for today, evolve for tomorrow.
Lead Information Systems Security Officer, ISSO
Location: United States
Posted: 3 days ago
Salary: $127.9K - $186.6K / year
Seniority: Senior
Job Description
Excella
- Lead efforts to gather and organize technical information about the program’s security posture
- Collaborate across teams to support ongoing security authorization
- Proactively create, monitor, and update POA&Ms
- Create Waivers or Risk Acceptance Memos
- Conduct annual assessments as per DHS guidelines
- Review and update security authorization documents annually
- Coordinate with Privacy, Records, and Information Governance Divisions
- Conduct Contingency Plan tests
- Perform system self-assessments
- Monitor and respond to ISVM and Patch Management requirements
- Provide audit support through all audit phases
- Maintain knowledge of inventory within the accreditation boundary
- Ensure security requirements are incorporated into development cycle
- Ensure configuration management processes are followed
- Respond to emerging requirements from legislation or policy changes
- Support annual independent assessments
Job Requirements
- 8+ years of experience in information security
- Expertise in cybersecurity best practices, vulnerability management, and cybersecurity scanning tools
- Expertise in Federal data privacy requirements and cloud-hosted cybersecurity management practices
- One or more certifications: CompTIA Security+, Cloud Security cert, Information Systems Security cert, Information Systems Security Management cert
- Ability to hold and maintain a DHS Public Trust
Benefits
- Top of industry medical, dental, and vision benefits with multiple options
- Employer-contributed health savings account
- Infertility coverage
- Orthodontia
- 8 weeks of Parental Leave
- Discounted pet insurance
- Care.com membership with 3 back-up emergency child or elder care days annually
- Bonus eligible starting day one
- 15 days of paid vacation
- 6 federal holidays
- 4 floating holidays
- TechEleX program for technology needs
- Annual Internet Reimbursement of $25 per month
- 3 days of paid professional development every year
- Wellness events, HeadSpace membership, and access to TalkSpace
More Security Engineer Jobs
Director of Security
Earnest
At Earnest, we empower you to take control of your career so you can empower students to take control of their finances.
- Lead and scale the security team: Directly manage, mentor, and grow emerging security leaders and engineers, including a Sr Security Engineer, Security Architect, and your existing team members.
- Define and evolve security strategy: Build and mature a comprehensive security program from an early stage, aligning security initiatives with overall business and product goals.
- Embed security into engineering workflows: Collaborate closely with engineering and product teams to integrate security early in system designs (such as threat and design reviews) and into CI/CD pipelines.
- Govern compliance and third-party risk: Own security architecture, operations, engineering, IT compliance, and third-party risk assessment programs to satisfy regulatory and fintech expectations.
- Act as a risk-management partner: Serve as a pragmatic advisor who assesses risk and provides business-enabling guardrails rather than acting as a strict gatekeeper.
- Communicate across stakeholders: Effectively translate complex security concepts and major risks to non-technical stakeholders, executive leadership, and cross-functional partners.
Security Solutions Specialist
Cybit
Cybit is the one-stop-shop for digital transformation that scales in line with your growth
- Engage with customers to assess current security posture, identify vulnerabilities, gaps and risk exposure, and provide clear, prioritised recommendations for remediation
- Lead and support security assessments, workshops and technical consultations
- Translate security challenges into structured, actionable roadmaps and solution strategies
- Contribute to the development and growth of the Cybit Security Practice, shaping the security proposition and go-to-market approach, and identifying opportunities
- Stay up to date with emerging threats, technologies and regulations to provide informed guidance on customer risk and governance
- Build strong relationships with strategic security vendors and partners to develop solution offerings and joint go-to-market initiatives
- Ensure Cybit’s portfolio remains relevant, differentiated and scalable
- Collaborate across technical, operational and sales teams to ensure aligned solutions, smooth delivery and clear visibility of commercial opportunities
- Work with the Sales team to identify, develop and progress opportunities with both new and existing customers
- Provide technical validation and credibility throughout the sales cycle
AI Security Engineer – Mid-Atlantic Region
GuidePoint Security
Founded in 2011 and headquartered in Herndon, Virginia, GuidePoint Security furnishes commercial and federal organizations with customized information security
- Advise on and assess the security posture of AI/ML systems, including LLMs, GenAI pipelines, and model serving infrastructure — identifying vulnerabilities, attack surfaces, and gaps against industry frameworks (e.g., OWASP LLM Top 10, MITRE ATLAS)
- Lead threat modeling exercises specific to AI workloads, covering adversarial inputs, prompt injection, model inversion, data poisoning, and supply chain risks across SaaS, self-hosted, and local AI deployments.
- Advise internal teams on securely integrating SaaS AI services and APIs (e.g., OpenAI, Azure OpenAI, Bedrock) into enterprise applications, including safe handling of credentials, outputs, and user data.
- Evaluate and recommend controls for data ingestion pipelines, RAG architectures, and vector databases to prevent unauthorized data exposure, leakage through model outputs, or non-compliant data processing.
- Serve as a trusted security advisor bridging business stakeholders, AI/ML engineers, IT operations, and information security teams on all matters related to AI risk and security.
- Continuously track emerging AI security research, adversarial techniques, regulatory developments, and vendor security advisories to keep client guidance relevant and proactive.
- Produce and maintain security architecture documentation, risk assessments, control frameworks, and guidelines tailored to the organization's AI environment.
- Contribute to the development of a long-term AI security strategy, including prioritized remediation roadmaps, capability maturity assessments, and investment recommendations.
- Develop and deliver training and awareness content for technical and non-technical stakeholders on AI-specific risks, responsible AI usage, and secure development practices for AI-powered applications.
- Own and drive execution of multiple key security initiatives
- Collaborate with leadership to shape the team’s roadmap
- Mentor junior team members in the Security team
- Collaborate with engineering, IT, and product teams
- Champion continuous improvement in Security Engineering
- Lead PCI-DSS Compliance initiative
- Design, implement, and maintain security controls
- Contribute to threat modeling, risk assessments, and incident response
- Develop and refine internal security policies, standards, and tools
- Support and lead security awareness efforts
- Continuously evaluate emerging threats, technologies, and practices




