• Assessment di conformità e gap analysis rispetto a normative e framework (NIS 2,DORA, GDPR, CRA, FNCS, ACN Determinazioni 2024-2025) • Implementazione di SGSI e modelli di gestione secondo ISO 27001, ISO 27002, ISO27005, ISO 22301 • Supporto al CISO e alle funzioni aziendali di sicurezza nella definizione di policy, processi e controlli • Attività di virtual CISO, risk management, compliance management e advisory su progetti di cyber governance • Supporto alla preparazione di accreditamenti e verifiche ACN (Cloud PA, QC1, PNCS, NIS 2) • Redazione di documentazione tecnico-organizzativa (procedure, registri, piani, report, autodichiarazioni di rischio)

• Leads structured IAM assessment engagements for small and medium-sized businesses across multiple industries, delivering comprehensive current state analysis, future state recommendations, maturity enhancements, and strategic roadmaps • Facilitates discovery sessions to evaluate client environments across IGA, AM, PAM, and Identity Verification (IdV) domains • Develops polished, executive-ready deliverables that address people, process, and technology recommendations • Serves as a trusted advisor during the presales process, identifying and aligning the right IAM services to client needs • Supports clients through vendor selection and helps define a clear path forward for IAM program improvements • Collaborates with internal teams to continuously develop and refine assessment methodology and service offerings • Contributes to thought leadership through development of reusable frameworks, templates, and best practice content • Embraces emerging technologies, including AI tools, to work smarter, solve problems, and drive better business outcomes

• Deliver these offerings to clients across various industries • Join GuidePoint’s elite team to perform engagements, communicate with clients, deliver comprehensive reports, and provide remediation guidance • Contribute to evolving our service offerings in response to emerging threats and client needs

Role Description Establish and operationalize security controls for emerging Artificial Intelligence and Machine Learning capabilities across the enterprise. This role is responsible for embedding security into AI solution design, protecting AI models and data pipelines, and enabling secure adoption of AI use cases across business and technology functions. The role works closely with Digital, Data, AI, Security Architecture, Engineering, and Cyber Defense Operations teams to define secure AI architecture patterns, implement guardrails, and ensure AI platforms operate within client’s cybersecurity, risk, and governance standards. The ideal candidate combines strong cybersecurity engineering capability with practical knowledge of AI platforms, model risks, and enterprise technology integration. What you will do: - AI Security Architecture & Engineering - Define secure architecture patterns for AI and machine learning solutions, ensuring protection of models, training pipelines, inference environments, and supporting data flows. - Establish secure integration patterns for AI services across enterprise applications, APIs, cloud platforms, and data environments. - Review AI solution designs to ensure alignment with enterprise security architecture standards and secure-by-design principles. - Support implementation of secure controls across AI development, testing, deployment, and production environments. - AI Risk Management & Security Controls - Identify, assess, and mitigate AI-specific threats including model poisoning, prompt injection, adversarial attacks, unauthorized model access, data leakage, and misuse of AI outputs. - Define and implement security guardrails for AI model access, API usage, prompt controls, and secure interaction with enterprise data sources. - Establish controls to protect sensitive training data, embeddings, prompts, and inference outputs across AI workflows. - Support validation of third-party AI services and external model integrations from a cybersecurity risk perspective. - Governance, Standards & Responsible AI Enablement - Establish AI security standards, engineering guardrails, and governance practices aligned with regulatory requirements, enterprise risk expectations, and responsible AI principles. - Partner with Digital and AI teams to enable secure AI use cases where security accelerates responsible business adoption rather than acts as a blocker. - Support creation of AI security review checkpoints for new AI initiatives, pilots, and production deployments. - Contribute to enterprise AI security policies, reference architectures, and operational standards. - Operational Security & Monitoring - Collaborate with Cyber Defense Operations to operationalize AI-related detection, monitoring, and response capabilities. - Support development of monitoring use cases for AI misuse, abnormal model behavior, unauthorized access, and suspicious data movement. - Define logging and telemetry requirements for AI platforms to improve visibility and incident readiness. - Support integration of AI platform telemetry into enterprise detection and monitoring tools where applicable. - Cross-Functional Collaboration - Work closely with Security Architecture, Cloud Engineering, Data teams, Application teams, and AI program owners to ensure consistent security adoption. - Support security reviews for AI vendors, AI-enabled SaaS platforms, and internally developed AI capabilities. - Provide technical guidance to project teams on secure AI implementation and operational controls. Qualifications - 5–8 years of cybersecurity engineering or security architecture experience, with exposure to cloud security, data protection, or application security. - Experience working with enterprise AI, machine learning, analytics platforms, or data-driven technology environments. - Practical understanding of AI/ML deployment patterns, APIs, model lifecycle, and enterprise data integration. - Experience with Microsoft Azure AI services, OpenAI integrations, Databricks, or enterprise AI platforms preferred. - Familiarity with emerging AI governance frameworks and responsible AI standards. - Experience with Secure AI controls embedded into enterprise AI initiatives without slowing adoption. - Clear visibility into AI-related cyber risks and mitigation actions and ability to translate emerging AI risks into practical engineering controls. - Practical AI guardrails established for data, model access, and operational use. - Strong alignment between AI innovation, enterprise security, and regulatory expectations. - Security certifications such as CISSP, CCSP, or cloud security certifications preferred. Security Engineering Skills - Strong understanding of cybersecurity controls across cloud, applications, APIs, identity, and data protection. - Familiarity with AI/ML risks including prompt injection, model abuse, data leakage, and adversarial techniques. - Knowledge of secure architecture principles for modern digital and AI platforms. Equal Opportunity Employer AspenView is proud to be an equal opportunity employer. We believe in creating an environment where all employees feel welcome, valued, and empowered to succeed. We celebrate diversity and strive to build a culture of inclusion where all individuals, regardless of their race, color, gender, gender identity or expression, sexual orientation, disability, age, or any other characteristic, can thrive. We encourage applicants from all walks of life to join our team and make a lasting impact.